signature is invalid
afeish opened this issue · 0 comments
afeish commented
Hi, I am use jwt-go to do my authentication. Everything seems fine unitl today I find a strage phenomenon.
I use curl to do the PUT request twice with the exact request parameters. But the first request was rejected by jwt. and the second one succeed. As you can see the above screen is the actual log of my server. The first request came with nothing
I have walked through the source code of jwt-go, and wonder if there are some data race of the verify logic
as you can see, the second request is blocked to sending the actual data to the server, while the first one just return quickly
I use HS512 as my jwt signing and verifying algorithm
The gin-jwt version I use is 2.6.4