From f461dcc913436388baf8be5282198ff1ced2aec9 Mon Sep 17 00:00:00 2001
From: ilkin-overleaf <100852799+ilkin-overleaf@users.noreply.github.com>
Date: Tue, 20 Jan 2026 16:55:16 +0200
Subject: [PATCH] Merge pull request #30883 from
 overleaf/ii-domain-capture-url-expiry

[web] Add option to skip expiration checking when decoding JWT

GitOrigin-RevId: bc81b9e0581286ac26b0c31f0cb48e743bca5f9c
---
 services/web/app/src/infrastructure/JsonWebToken.mjs | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/services/web/app/src/infrastructure/JsonWebToken.mjs b/services/web/app/src/infrastructure/JsonWebToken.mjs
index f85d77a747..7795316af0 100644
--- a/services/web/app/src/infrastructure/JsonWebToken.mjs
+++ b/services/web/app/src/infrastructure/JsonWebToken.mjs
@@ -14,9 +14,11 @@ async function sign(payload, options = {}) {
   return token
 }
 
-function getDecoded(token) {
+function getDecoded(token, options = {}) {
   const key = Settings.jwt.key
-  const decoded = JWT.verify(token, key)
+  const decoded = JWT.verify(token, key, {
+    ignoreExpiration: options.ignoreExpiration,
+  })
   return decoded
 }