nhcarrigan/elysium
9
0
Fork 0
generated from nhcarrigan/template
Code Issues 5 Pull Requests 1 Actions Releases 10 Activity
Files
e341db56af908f20e26f64ebc524e672c912777e
elysium/apps/api/src/middleware/auth.ts
T
hikari 2bc47b79aa
Security Scan and Upload / Security & DefectDojo Upload (push) Successful in 1m4s
Details
CI / Lint, Build & Test (push) Successful in 1m11s
Details
fix: suppress expired-token log noise and redirect expired sessions to login (#241) 
## Summary

- **Server**: `authMiddleware` no longer calls `logger.error` for expired tokens — expiry is expected behaviour, not an error. Only tampered signatures and malformed tokens (genuinely suspicious) still log.
- **Client**: `fetchJson` now handles 401 responses by clearing `elysium_token` and `elysium_save_signature` from localStorage and redirecting to `/`. Players whose 30-day token has expired will see the login page instead of a stuck "Invalid or expired token" error screen with no recovery path.

Closes #241

 This PR was created with help from Hikari~ 🌸

Reviewed-on: #241
Co-authored-by: Hikari <hikari@nhcarrigan.com>
Co-committed-by: Hikari <hikari@nhcarrigan.com>
2026-04-06 20:17:28 -07:00

54 lines
1.6 KiB
TypeScript
Raw Blame History

/**
* @file Authentication middleware for validating JWT tokens.
* @copyright nhcarrigan
* @license Naomi's Public License
* @author Naomi Carrigan
*/
import { verifyToken } from "../services/jwt.js";
import { logger } from "../services/logger.js";
import type { HonoEnvironment } from "../types/hono.js";
import type { MiddlewareHandler } from "hono";
/**
* Validates the Authorization Bearer token on each request and attaches the discordId to context.
* @param context - The Hono context object.
* @param next - The next middleware handler.
* @returns A JSON error response if authentication fails, otherwise calls next.
*/
export const authMiddleware: MiddlewareHandler<HonoEnvironment> = async(
context,
next,
) => {
const authorization = context.req.header("Authorization");
if (authorization?.startsWith("Bearer ") !== true) {
return context.json(
{ error: "Missing or invalid Authorization header" },
401,
);
}
const token = authorization.slice(7);
try {
const payload = verifyToken(token);
context.set("discordId", payload.discordId);
} catch (error) {
const isExpiredToken
= error instanceof Error && error.message === "Token has expired";
if (!isExpiredToken) {
void logger.error(
"auth_middleware",
error instanceof Error
? error
: new Error(String(error)),
);
}
return context.json({ error: "Invalid or expired token" }, 401);
}
// eslint-disable-next-line @typescript-eslint/no-confusing-void-expression -- Need the consistent return!
return await next();
};
Reference in New Issue View Git Blame Copy Permalink