From aeeb36747c458c444af4849f9df0e2a2ff2108b4 Mon Sep 17 00:00:00 2001
From: chenzhongjie <chenzhongjie@agi7.ai>
Date: Thu, 11 Apr 2024 14:28:48 +0800
Subject: [PATCH] fix

---
 pkg/auth/jwt.go | 9 +++++----
 1 file changed, 5 insertions(+), 4 deletions(-)

diff --git a/pkg/auth/jwt.go b/pkg/auth/jwt.go
index 7a5acf60..9d179b7f 100644
--- a/pkg/auth/jwt.go
+++ b/pkg/auth/jwt.go
@@ -104,11 +104,12 @@ func (auth *JWTAuthSetterVerifier) VerifyToken(user, token string) error {
 		return fmt.Errorf("claims %v is invalid", parsedToken.Claims)
 	}
 
+	sub := claims["sub"]
+	if sub != "remote_ssh" {
+		return fmt.Errorf("token sub is invalid")
+	}
 	if len(user) > 0 {
-		id, found := claims["email"]
-		if !found {
-			id, _ = claims["id"]
-		}
+		id := claims["aud"]
 		if id != user {
 			return fmt.Errorf("token %s is not for user %s", token, user)
 		}