From 9b53fb4bc02566cef7d1ce8809459e5c6446190b Mon Sep 17 00:00:00 2001
From: Aarni Halinen
Date: Sun, 24 Jul 2022 20:53:01 +0300
Subject: [PATCH 1/2] use jwt_access cookie in Filebrowser auth
---
 webapp/views.py | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/webapp/views.py b/webapp/views.py
index b9dad47..0a0f677 100644
--- a/webapp/views.py
+++ b/webapp/views.py
@@ -337,13 +337,13 @@ class JobAdViewSet(ModelViewSet):
 @require_http_methods(["GET"])
 def nginx_jwt_resp(request, *args, **kwargs):
- cookie = request.COOKIES.get("jwt", None)
- if not cookie:
+ accessKey = request.COOKIES.get("jwt_access", None)
+ if not accessKey:
 return HttpResponse("", status=401)
 try:
 # This also verifies the signature.
 # See https://pyjwt.readthedocs.io/en/latest/usage.html#reading-the-claimset-without-validation
- token = decode(cookie, settings.SECRET_KEY, algorithms=["HS256"])
+ token = decode(accessKey, settings.SECRET_KEY, algorithms=["HS256"])
 except InvalidSignatureError:
 return HttpResponse("", status=403)
 user = "admin" if token.get("username", "") == "admin" else "moderator"
From dd0254a08e6ad0d11be4ecacc81c020ffef7af24 Mon Sep 17 00:00:00 2001
From: Aarni Halinen
Date: Sun, 24 Jul 2022 21:02:35 +0300
Subject: [PATCH 2/2] fix try-catch for jwt verification
---
 webapp/views.py | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/webapp/views.py b/webapp/views.py
index 0a0f677..c534caf 100644
--- a/webapp/views.py
+++ b/webapp/views.py
@@ -1,7 +1,7 @@
 """Webapp views."""
 from jwt import decode
-from jwt.exceptions import InvalidSignatureError
+from jwt.exceptions import InvalidTokenError
 from django.utils import timezone
 from django.conf import settings
 from django.http import HttpResponse, JsonResponse
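Review bot: The added `token = decode(accessKey, settings.SECRET_KEY, algorithms=["HS256"])` line accepts any HS256 token signed with SECRET_KEY even when it carries no `exp` claim, because PyJWT validates expiry only if the claim is present, so a token minted without one stays valid indefinitely; if the issuer always sets `exp` on the `jwt_access` cookie, `decode(accessKey, settings.SECRET_KEY, algorithms=["HS256"], options={"require": ["exp"]})` makes that a hard requirement. The same applies to any refresh token the app may issue under the same key and algorithm, which this check cannot tell apart from an access token unless a type claim is verified (not visible here, so worth confirming). On naming, `accessKey` is camelCase in a file that otherwise uses snake_case (`cookie`, `nginx_jwt_resp`) and holds a token rather than a key; `access_token = request.COOKIES.get("jwt_access", None)` would fit better. The body of nginx_jwt_resp continues beyond the hunk.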
@@ -344,7 +344,7 @@ def nginx_jwt_resp(request, *args, **kwargs):
 # This also verifies the signature.
 # See https://pyjwt.readthedocs.io/en/latest/usage.html#reading-the-claimset-without-validation
 token = decode(accessKey, settings.SECRET_KEY, algorithms=["HS256"])
- except InvalidSignatureError:
+ except InvalidTokenError:
 return HttpResponse("", status=403)
 user = "admin" if token.get("username", "") == "admin" else "moderator"
 resp = HttpResponse("", status=200)
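Review bot: `except InvalidTokenError:` now returns the same 403 for an expired access token as for a forged or malformed one, and since the `jwt_access` cookie read earlier in this function is presumably a short-lived access token, expiry will be the routine failure rather than the exceptional one. A 401 for that case, matching the response already used when the cookie is absent, tells the client to refresh instead of reporting a hard deny; nginx auth_request denies on both 401 and 403, so the distinction costs nothing there but is visible to the caller. Adding `except ExpiredSignatureError: return HttpResponse("", status=401)` ahead of the `InvalidTokenError` handler does this (it must come first, as ExpiredSignatureError subclasses InvalidTokenError), with `ExpiredSignatureError` imported alongside `InvalidTokenError` in the first hunk. nginx_jwt_resp's header is outside this hunk.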