diff --git a/package.json b/package.json index 6a72405a..615f4068 100644 --- a/package.json +++ b/package.json @@ -45,6 +45,7 @@ "i18next": "^22.4.5", "immer": "^10.0.2", "iso-639-1": "^3.1.0", + "jwt-decode": "^4.0.0", "lodash.isequal": "^4.5.0", "nanoid": "^5.0.4", "node-forge": "^1.3.1", diff --git a/pnpm-lock.yaml b/pnpm-lock.yaml index 3be020b8..2039c0fa 100644 --- a/pnpm-lock.yaml +++ b/pnpm-lock.yaml @@ -68,6 +68,9 @@ dependencies: iso-639-1: specifier: ^3.1.0 version: 3.1.0 + jwt-decode: + specifier: ^4.0.0 + version: 4.0.0 lodash.isequal: specifier: ^4.5.0 version: 4.5.0 @@ -4526,6 +4529,11 @@ packages: resolution: {integrity: sha512-cxQGGUiit6CGUpuuiezY8N4m1wgF4o7127rXEXDFcxeDUFfdV7gSkwA26Fe2wWBiNQq2SZOgN4gSmMxB/StA8Q==} dev: true + /jwt-decode@4.0.0: + resolution: {integrity: sha512-+KJGIyHgkGuIq3IEBNftfhW/LfWhXUIY6OmyVWjliu5KH1y0fw7VQ8YndE2O4qZdMSd9SqbnC8GOcZEy0Om7sA==} + engines: {node: '>=18'} + dev: false + /keyv@4.5.3: resolution: {integrity: sha512-QCiSav9WaX1PgETJ+SpNnx2PRRapJ/oRSXM4VO5OGYGSjrxbKPVFVhB3l2OCbLCk329N8qyAtsJjSjvVBWzEug==} dependencies: diff --git a/src/backend/helpers/providerApi.ts b/src/backend/helpers/providerApi.ts index ed79bd48..fa608e6a 100644 --- a/src/backend/helpers/providerApi.ts +++ b/src/backend/helpers/providerApi.ts @@ -1,4 +1,5 @@ import { MetaOutput, NotFoundError, ScrapeMedia } from "@movie-web/providers"; +import { jwtDecode } from "jwt-decode"; import { mwFetch } from "@/backend/helpers/fetch"; import { getTurnstileToken, isTurnstileInitialized } from "@/stores/turnstile"; @@ -16,13 +17,11 @@ export function getCachedMetadata(): MetaOutput[] { function getTokenIfValid(): null | string { if (!token) return null; - const parts = token.split("."); - if (parts.length !== 3) return null; try { - const parsedData = JSON.parse(atob(parts[2])); - if (!parsedData.exp) return token; - if (Date.now() < parsedData.exp) return token; - } catch { + const body = jwtDecode(token); + if (!body.exp) return `jwt|${token}`; + if (Date.now() / 1000 < body.exp) return `jwt|${token}`; + } catch (err) { // we dont care about parse errors } return null; @@ -90,7 +89,7 @@ export async function connectServerSideEvents( // fetch token to use let apiToken = getTokenIfValid(); if (!apiToken && isTurnstileInitialized()) { - apiToken = await getTurnstileToken(); + apiToken = `turnstile|${await getTurnstileToken()}`; } // insert token, if its set