I'm using flask-jwt-extended
library for my authentication, everything works but I want to check if someone sent a manipulated JWT token with ALG = none
, since that's a known vulnerable point that's used to deceive the server.
I looked into the documentation but I didn't find which option that let's me check what's being received in alg
on all requests.
Thanks.