== How to fix it in python-jwt

=== Code examples

include::../../common/fix/code-rationale-decode.adoc[]

==== Noncompliant code example

[source,python,diff-id=11,diff-type=noncompliant]
----
import python_jwt as jwt

jwt.process_jwt(token) # Noncompliant
----

==== Compliant solution

[source,python,diff-id=11,diff-type=compliant]
----
import python_jwt as jwt

jwt.process_jwt(token)
jwt.verify_jwt(token, key, ['HS256'])
----

=== How does this work?

include::../../common/fix/decode.adoc[]

=== Going the extra mile

include::../../common/extra-mile/key-storage.adoc[]

include::../../common/extra-mile/key-rotation.adoc[]