vivy-agent/AnimeTV-Backend
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

🛂 security: fix auth token validation flow

Browse Source
This commit is contained in:
Rafi Arrafif
2026-02-17 21:33:59 +07:00
parent 63fcd8587b
commit 3122f34093
2 changed files with 5 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
src/helpers/http/jwt/decode/index.ts
View File

@ -9,7 +9,7 @@ export const jwtDecode = (payload: string) => {
try { try {
const decodedPayload = jwt.verify(payload, JWTKey); const decodedPayload = jwt.verify(payload, JWTKey);
return decodedPayload as JWTAuthToken; return decodedPayload as JWTAuthToken;
} catch (error) { } catch {
throw new AppError(401, "Invalid or expired token", error); throw new AppError(403, "Invalid or expired token");
} }
}; };

4
src/modules/auth/services/http/tokenValidation.service.ts
View File

@ -1,9 +1,11 @@
import { AppError } from "../../../../helpers/error/instances/app";
import { ErrorForwarder } from "../../../../helpers/error/instances/forwarder"; import { ErrorForwarder } from "../../../../helpers/error/instances/forwarder";
import { jwtDecode } from "../../../../helpers/http/jwt/decode"; import { jwtDecode } from "../../../../helpers/http/jwt/decode";
export const tokenValidationService = (payload: string) => { export const tokenValidationService = (payload: string) => {
try { try {
if (!payload) return null; if (!payload || payload.trim() === "")
throw new AppError(401, "Unauthorized: No token provided");
const decoded = jwtDecode(payload); const decoded = jwtDecode(payload);
return decoded; return decoded;
} catch (error) { } catch (error) {