eletrotupi / tcc / commit / bbb8003

api: handle missing user on verify token

Pedro Lucas Porcellis porcellis@eletrotupi.com 1 month ago bbb80036d1fb95c004d43f4a3ce3e71029997027
Parents: c50ef5d
1 file(s) changed
  • api/src/controllers/auth.ts +13 -4
api/src/controllers/auth.ts
@@ -95,15 +95,24 @@ const token = authHeader.substring(7);
95 95 const payload = verifyToken(token);
96 96 const user = await findUserByEmail(payload.email);
97 97
98 + if (!user) {
99 + // XXX: Investigate which actual cases this would happen
100 + // But the possible reason is that a token is living inside
101 + // the user's phone, but somehow he was banned/deleted
102 + return res.status(404).json({
103 + errors: "User does not exist anymore"
104 + });
105 + }
106 +
98 107 res.json({
99 108 valid: true,
100 109 userId: payload.userId,
101 110 email: payload.email,
102 111 user: {
103 - firstName: user?.firstName,
104 - email: user?.email,
105 - lastName: user?.lastName,
106 - updatedAt: user?.updatedAt
112 + firstName: user.firstName,
113 + email: user.email,
114 + lastName: user.lastName,
115 + updatedAt: user.updatedAt
107 116 }
108 117 });
109 118 } catch (err: any) {