Closed KTibow closed 6 months ago
I have the same problem, 2.2.5 works for me but not the latest. verify fails on a valid token created with sign.
My secret isn't short either.
@tsndr explain why you're decodeURI, encodeURIComponent
ing all secrets passed in. this means that we can't use any secrets with =
in them.
Token generated with jwt.io and a short secret (should be valid):
Token generated with this library is invalid according to jwt.io:
This problem isn't present at version 2.2.5.