Validate token payload before signing it (#1594)

Adds validation of the payload passed to `AuthRepository['signToken']`, ensuring that it is a `AuthPayloadDto`.
safe-global · May 28, 2024 · 078d1d1 · 078d1d1
1 parent 2037dd4
commit 078d1d1
Showing 1 changed file with 2 additions and 2 deletions.
diff --git a/src/domain/auth/auth.repository.ts b/src/domain/auth/auth.repository.ts
@@ -24,8 +24,8 @@ export class AuthRepository implements IAuthRepository {
       notBefore?: number;
     },
   ): string {
-    // TODO: Verify payload before signing it
-    return this.jwtService.sign(payload, options);
+    const authPayloadDto = AuthPayloadDtoSchema.parse(payload);
+    return this.jwtService.sign(authPayloadDto, options);
   }
 
   verifyToken(accessToken: string): AuthPayloadDto {