From a46b8081cf30323b1d8029cdae6669de29b36616 Mon Sep 17 00:00:00 2001 From: Jan Meinl Date: Sun, 12 Apr 2026 15:49:21 +0200 Subject: [PATCH] Add email claim to JWT, adjust role/permissions claims, and allow localhost:5173 origin --- src/main/java/dev/coph/flightscore/backend/Backend.java | 1 + .../java/dev/coph/flightscore/backend/user/UserProvider.java | 5 +++-- 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/src/main/java/dev/coph/flightscore/backend/Backend.java b/src/main/java/dev/coph/flightscore/backend/Backend.java index 858dd9d..b7dfeae 100644 --- a/src/main/java/dev/coph/flightscore/backend/Backend.java +++ b/src/main/java/dev/coph/flightscore/backend/Backend.java @@ -95,6 +95,7 @@ public class Backend { logger.info("Configuring web server..."); webServer.addAllowedOrigin("http://localhost:3000"); + webServer.addAllowedOrigin("http://localhost:5173"); logger.success("Web server configured!"); logger.info("Starting web server..."); diff --git a/src/main/java/dev/coph/flightscore/backend/user/UserProvider.java b/src/main/java/dev/coph/flightscore/backend/user/UserProvider.java index b4b146c..caf5105 100644 --- a/src/main/java/dev/coph/flightscore/backend/user/UserProvider.java +++ b/src/main/java/dev/coph/flightscore/backend/user/UserProvider.java @@ -253,6 +253,7 @@ public class UserProvider implements Provider { .algorithm(jwtSignAlgorithm) .audience("flightscore-api") .issuer("flightscore-api") + .claim("email", user.email()) .subject(user.id().toString()) .expiresAt(expiresAt / 1000) .issuedAt(System.currentTimeMillis() / 1000); @@ -260,8 +261,8 @@ public class UserProvider implements Provider { if (user.role() != null) { JSONArray permissions = new JSONArray(); user.role().permissions().forEach(permission -> permissions.put(permission.name())); - builder.claim("permission", permissions.toString()); - builder.claim("role", user.role().id().toString()); + builder.claim("permissions", permissions.toString()); + builder.claim("role", user.role().name()); } return builder.sign();