tdpeuter/2025SELab2-project-Dwengo
tdpeuter/2025SELab2-project-Dwengo
1
Fork 0
Code Issues Releases 4 Packages 2 Wiki Activity

Backend geeft nu een 401 ipv. een 500 terug voor de 'expired jwt' fout

Browse source
This commit is contained in:
Gerald Schmittinger 2025-04-19 10:03:54 +02:00
parent 61c751c343
commit c2f3a6169a
7 changed files with 132 additions and 5 deletions
Download patch file Download diff file Expand all files Collapse all files

4
backend/src/middleware/auth/auth.ts
View file

@ -48,14 +48,14 @@ const idpConfigs = {
const verifyJwtToken = expressjwt({
secret: async (_: express.Request, token: jwt.Jwt | undefined) => {
if (!token?.payload || !(token.payload as JwtPayload).iss) {
throw new Error('Invalid token');
throw new UnauthorizedException("Invalid token.")
}
const issuer = (token.payload as JwtPayload).iss;
const idpConfig = Object.values(idpConfigs).find((config) => config.issuer === issuer);
if (!idpConfig) {
throw new Error('Issuer not accepted.');
throw new UnauthorizedException('Issuer not accepted.');
}
const signingKey = await idpConfig.jwksClient.getSigningKey(token.header.kid);