🛂 security: fix auth token validation flow

2026-02-17 21:33:59 +07:00
parent 63fcd8587b
commit 3122f34093
2 changed files with 5 additions and 3 deletions
--- a/src/modules/auth/services/http/tokenValidation.service.ts
+++ b/src/modules/auth/services/http/tokenValidation.service.ts
@ -1,9 +1,11 @@
+import { AppError } from "../../../../helpers/error/instances/app";
 import { ErrorForwarder } from "../../../../helpers/error/instances/forwarder";
 import { jwtDecode } from "../../../../helpers/http/jwt/decode";

 export const tokenValidationService = (payload: string) => {
  try {
-    if (!payload) return null;
+    if (!payload || payload.trim() === "")
+      throw new AppError(401, "Unauthorized: No token provided");
    const decoded = jwtDecode(payload);
    return decoded;
  } catch (error) {