fix: use fixed expiry for asymmetric JWT generation to ensure consistent keys

7ttp · 7ttp · commit c8e3ffd3e6c1 · 2026-01-24T01:34:34.000+05:30
diff --git a/pkg/config/apikeys.go b/pkg/config/apikeys.go
@@ -75,7 +75,7 @@ func (a *auth) generateAPIKeys() error {
 func (a auth) generateJWT(role string) (string, error) {
 	claims := CustomClaims{Issuer: "supabase-demo", Role: role}
 	if len(a.SigningKeys) > 0 {
-		claims.ExpiresAt = jwt.NewNumericDate(time.Now().Add(time.Hour * 24 * 365 * 10)) // 10 years
+		claims.ExpiresAt = jwt.NewNumericDate(time.Unix(defaultJwtExpiry, 0))
 		return GenerateAsymmetricJWT(a.SigningKeys[0], claims)
 	}
 	// Fallback to generating symmetric keys

Original file line number	Diff line number	Diff line change
`@@ -75,7 +75,7 @@ func (a *auth) generateAPIKeys() error {`
`75`	`75`	`func (a auth) generateJWT(role string) (string, error) {`
`76`	`76`	`claims := CustomClaims{Issuer: "supabase-demo", Role: role}`
`77`	`77`	`if len(a.SigningKeys) > 0 {`
`78`		`- claims.ExpiresAt = jwt.NewNumericDate(time.Now().Add(time.Hour * 24 * 365 * 10)) // 10 years`
	`78`	`+ claims.ExpiresAt = jwt.NewNumericDate(time.Unix(defaultJwtExpiry, 0))`
`79`	`79`	`return GenerateAsymmetricJWT(a.SigningKeys[0], claims)`
`80`	`80`	`}`
`81`	`81`	`// Fallback to generating symmetric keys`