aicam commented on PR #4388: URL: https://github.com/apache/texera/pull/4388#issuecomment-4262190570
> @aicam can you explain what this solution is doing? The reason token can be forged is that we never rewrote the JWT secret default in `common/config/src/main/resources/auth.conf`, so basically anyone can create a token using default value and user id 1 and use it in the system. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
