From a0eeff1fdaf90939e7e5bf4e68a23071ac086680 Mon Sep 17 00:00:00 2001
From: Joe Banks <joe@jb3.dev>
Date: Fri, 8 Aug 2025 23:25:09 +0100
Subject: Use exp key for JWT as well as expiry key

---
 backend/routes/auth/authorize.py | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/backend/routes/auth/authorize.py b/backend/routes/auth/authorize.py
index 8fe7e85..7f18cb4 100644
--- a/backend/routes/auth/authorize.py
+++ b/backend/routes/auth/authorize.py
@@ -54,7 +54,10 @@ async def process_token(
         "refresh": bearer_token["refresh_token"],
         "user_details": user_details,
         "in_guild": bool(member),
+        # Legacy key, we should use exp and use JWT expiry as below it.
         "expiry": token_expiry.isoformat(),
+        # Correct JWT expiry key:
+        "exp": token_expiry
     }
 
     token = jwt.encode(data, SECRET_KEY, algorithm="HS256")
-- 
cgit v1.2.3