Merge pull request #1008 from spacebarchat/dev/samuel

1 files changed, 13 insertions, 4 deletions

diff --git a/src/api/middlewares/Authentication.ts b/src/api/middlewares/Authentication.ts
index 400a16f4..0aa585e5 100644
--- a/src/api/middlewares/Authentication.ts
+++ b/src/api/middlewares/Authentication.ts
@@ -18,8 +18,9 @@
 
 import { checkToken, Config, Rights } from "@fosscord/util";
 import * as Sentry from "@sentry/node";
-import { NextFunction, Request, Response } from "express";
+import { NextFunction, Request, Response, Router } from "express";
 import { HTTPError } from "lambert-server";
+import { createSecretKey, KeyObject } from "crypto";
 
 export const NO_AUTHORIZATION_ROUTES = [
 	// Authentication routes
@@ -69,6 +70,16 @@ declare global {
 	}
 }
 
+let jwtPublicKey: KeyObject;
+
+// Initialize the jwt secret as a key object so it does not need to be regenerated for each request.
+export function initAuthentication(api: Router) {
+	jwtPublicKey = createSecretKey(
+		Buffer.from(Config.get().security.jwtSecret),
+	);
+	api.use(Authentication);
+}
+
 export async function Authentication(
 	req: Request,
 	res: Response,
@@ -90,11 +101,9 @@ export async function Authentication(
 	Sentry.setUser({ id: req.user_id });
 
 	try {
-		const { jwtSecret } = Config.get().security;
-
 		const { decoded, user } = await checkToken(
 			req.headers.authorization,
-			jwtSecret,
+			jwtPublicKey,
 		);
 
 		req.token = decoded;