From 606a0f18ccbb7c0364d30a830e075dc6a1167cfc Mon Sep 17 00:00:00 2001
From: Arzumify <jliwin98@hectabit.org>
Date: Sat, 4 May 2024 16:32:49 +0100
Subject: [PATCH] Add KID in tokens

---
 main.go | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)

diff --git a/main.go b/main.go
index b1edebe..ae22662 100644
--- a/main.go
+++ b/main.go
@@ -775,13 +775,18 @@ func main() {
 			"nonce":   genSalt(512),
 		}
 
-		jwt_token, err := jwt.NewWithClaims(jwt.SigningMethodRS256, datatemplate).SignedString(privateKey)
+		tokentemp := jwt.NewWithClaims(jwt.SigningMethodRS256, datatemplate)
+		tokentemp.Header["kid"] = "burgerauth"
+		jwt_token, err := tokentemp.SignedString(privateKey)
 		if err != nil {
 			log.Println("[ERROR] Unknown in /api/auth jwt_token at", strconv.FormatInt(time.Now().Unix(), 10)+":", err)
 			c.String(500, "Something went wrong on our end. Please report this bug at https://centrifuge.hectabit.org/hectabit/burgerauth and refer to the docs for more detail. Include this error code: jwt_token_cannotsign.")
 			return
 		}
-		secret_token, err := jwt.NewWithClaims(jwt.SigningMethodRS256, datatemplate2).SignedString(privateKey)
+
+		secrettemp := jwt.NewWithClaims(jwt.SigningMethodRS256, datatemplate2)
+		secrettemp.Header["kid"] = "burgerauth"
+		secret_token, err := secrettemp.SignedString(privateKey)
 		if err != nil {
 			log.Println("[ERROR] Unknown in /api/auth secret_token at", strconv.FormatInt(time.Now().Unix(), 10)+":", err)
 			c.String(500, "Something went wrong on our end. Please report this bug at https://centrifuge.hectabit.org/hectabit/burgerauth and refer to the docs for more detail. Include this error code: jwt_token_cannotsign_secret.")