From e944b2a2f5d2792cb2d9412708d87815f0e8088c Mon Sep 17 00:00:00 2001
From: Nicholas Wallace <nicholaslwallace@gmail.com>
Date: Thu, 21 May 2026 17:08:39 -0700
Subject: [PATCH] Add unique UUID to access and refresh tokens

---
 server/auth/TokenManager.js | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/server/auth/TokenManager.js b/server/auth/TokenManager.js
index 42ca262bb..5933209c7 100644
--- a/server/auth/TokenManager.js
+++ b/server/auth/TokenManager.js
@@ -1,4 +1,5 @@
 const { Op } = require('sequelize')
+const uuid = require('uuid')
 
 const Database = require('../Database')
 const Logger = require('../Logger')
@@ -115,6 +116,7 @@ class TokenManager {
     const payload = {
       userId: user.id,
       username: user.username,
+      jti: uuid.v4(),
       type: 'access'
     }
     const options = {
@@ -138,6 +140,7 @@ class TokenManager {
     const payload = {
       userId: user.id,
       username: user.username,
+      jti: uuid.v4(),
       type: 'refresh'
     }
     const options = {