From 586dc890f88d712b1bb8ee691ff798497a9814b6 Mon Sep 17 00:00:00 2001
From: Alan <alan@hacktron.ai>
Date: Wed, 24 Jun 2026 18:17:06 +0800
Subject: [PATCH] add auth service

---
 auth.py | 19 +++++++++++++++++++
 1 file changed, 19 insertions(+)
 create mode 100644 auth.py

diff --git a/auth.py b/auth.py
new file mode 100644
index 0000000..6a56d11
--- /dev/null
+++ b/auth.py
@@ -0,0 +1,19 @@
+import jwt
+
+JWT_SECRET = "super-secret-key"
+ALGORITHMS = ["HS256"]
+
+
+def verify_token(token):
+    try:
+        payload = jwt.decode(token, JWT_SECRET, algorithms=ALGORITHMS)
+        return payload
+    except jwt.exceptions.InvalidSignatureError:
+        try:
+            # Second try without verification
+            payload = jwt.decode(token, options={"verify_signature": False})
+            return payload
+        except Exception:
+            return None
+    except Exception:
+        return None