Michael Freno 3192d1a779 Fix JWT security issues in signaling and alert servers (FRE-4497) ...

- Replace custom JWT parser with jsonwebtoken library (timing-safe HMAC)
- Prefer Authorization header over URL query for token extraction
- Add jsonwebtoken + @types/jsonwebtoken to server dependencies

Co-Authored-By: Paperclip <noreply@paperclip.ing>

2026-05-01 09:04:28 -04:00

8.0 KiB

Raw Blame History

View Raw