pokemon/nuzlocke-tracker
1
1
Fork 0
Code Issues Pull Requests 10 Actions Packages Projects Releases Wiki Activity

Fix JWT verification failing in local dev (HS256 fallback) #80

Merged
TheFurya merged 1 commits from feature/fix-jwt-verification-failing-in-local-dev-hs256-fallback into develop 2026-03-22 09:41:43 +01:00
Conversation 0 Commits 1 Files Changed 7 +40 -18

1 Commits

Author SHA1 Message Date
Julian Tabel
af55cdd8a6 fix: add HS256 fallback for JWT verification in local dev
All checks were successful
CI / backend-tests (pull_request) Successful in 29s
Details
CI / frontend-tests (pull_request) Successful in 29s
Details 
Local GoTrue signs JWTs with HS256, but the JWKS endpoint returns an
empty key set since there are no RSA keys. Fall back to HS256 shared
secret verification when JWKS fails, using SUPABASE_JWT_SECRET.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
 2026-03-22 09:38:52 +01:00