Merge pull request #12 from eshwinrio/bugfix/KAYA-44-JWT-Expiration-t…

…hrows-InternalServerError bugfix/KAYA-44-JWT-Expiration-throws-InternalServerError
eshwinrio · Feb 12, 2024 · 2e2f342 · 2e2f342
2 parents 0bea62d + aae246a
commit 2e2f342
Showing 1 changed file with 5 additions and 0 deletions.
diff --git a/auth-server/src/middlewares/require-access-token.ts b/auth-server/src/middlewares/require-access-token.ts
@@ -4,6 +4,7 @@ import httpErrors from 'http-errors';
 import qs from 'qs';
 import { AccessTokenPayload, verifyAccessToken } from '../lib/token.js';
 import validator from 'validator';
+import jsonwebtoken from 'jsonwebtoken';
 
 type Locals = Record<'accessTokenData', AccessTokenPayload>;
 type AccessTokenEnforcer = RequestHandler<ParamsDictionary, any, any, qs.ParsedQs, Locals>;
@@ -22,6 +23,10 @@ export default function (): AccessTokenEnforcer {
       response.locals.accessTokenData = accessTokenData;
       next();
     } catch (error) {
+      if (error instanceof jsonwebtoken.TokenExpiredError) {
+        response.clearCookie('access_token');
+        return next(httpErrors.Unauthorized('Access token expired'));
+      }
       next(error);
     }
   };