🛂 security: fix auth token validation flow

shared/models/auth/validateAndDecodeJWT.ts

@@ -1,6 +1,7 @@
 "use server";
 
 import { backendFetch, BackendResponse } from "@/shared/helpers/backendFetch";
+import { redirect } from "next/navigation";
 import { cookies } from "next/headers";
 
 export interface UserSession {
@@ -30,18 +31,14 @@ export interface UserSession {
 }
 
 export const validateAndDecodeJWT = async (): Promise<UserSession | null> => {
-  const cookieHeader = (await cookies()).get("auth_token")?.value;
-
-  if (!cookieHeader) {
-    return null;
-  }
-
+  "use server";
   const res = (await backendFetch("auth/token/validate", {
     method: "POST",
-    body: JSON.stringify({
-      token: cookieHeader,
-    }),
   })) as BackendResponse<UserSession>;
 
-  return res.data!;
+  if (res.status === 403) {
+    redirect("/auth/logout");
+  }
+
+  return res.data ?? null;
 };