fix(core): Use JWT as reset password token (#6714)

* use jwt to reset password * increase expiration time to 1d * drop user id query string * refactor * use service instead of package in tests * sqlite migration * postgres migration * mysql migration * remove unused properties * remove userId from FE * fix test for users.api * move migration to the common folder * move type assertion to the jwt.service * Add jwt secret as a readonly property * use signData instead of sign in user.controller * remove base class * remove base class * add tests
2025-12-18 10:31:15 +00:00 · 2023-07-24 17:40:17 -04:00
parent c2511a829c
commit 89f44021b9
19 changed files with 209 additions and 146 deletions
--- a/packages/cli/src/auth/jwt.ts
+++ b/packages/cli/src/auth/jwt.ts
@@ -38,7 +38,6 @@ export function issueJWT(user: User): JwtToken {

 	const signedToken = jwt.sign(payload, config.getEnv('userManagement.jwtSecret'), {
 		expiresIn: expiresIn / 1000 /* in seconds */,
-		algorithm: 'HS256',
 	});

 	return {