From 557098c4e36ce5839403fdc1d6965bd4519b2b58 Mon Sep 17 00:00:00 2001
From: Harman-singh-waraich <Waraichharman68@gmail.com>
Date: Fri, 22 Mar 2024 14:54:27 +0530
Subject: [PATCH] feat(web): add-domain-check-in-signrature-verify

---
 web/netlify/functions/authUser.ts | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/web/netlify/functions/authUser.ts b/web/netlify/functions/authUser.ts
index e49f87582..fdf548933 100644
--- a/web/netlify/functions/authUser.ts
+++ b/web/netlify/functions/authUser.ts
@@ -39,7 +39,7 @@ const authUser = async (event) => {
       // TODO: Ideally we would want to check domain and origin here too, have not added yet since we would need to change the env for each deploy preview
       // on production :-
       // await siweMessage.verify({signature, domain :"kleros", origin :"https://kleros.io"})
-      await siweMessage.verify({ signature });
+      await siweMessage.verify({ signature, domain: event.headers.host });
     } catch (err) {
       throw new Error("Invalid signer");
     }