search

Hello-World-Software-Studios / calculator

Carpenter's tool for wall layout
0 stars 1 forks source link

Optional: Better error handing in authorize #62

Closed ecumene closed 3 years ago

ecumene commented 3 years ago 
module.exports = async (req, res, next) => {
  try {
    const jwtToken = await req.header("Authorization");
    if (!jwtToken) {
      res.status(403).json({ message: "No access token" });
    }

    const payload = await jwt.verify(jwtToken.replace("Bearer ", ""), process.env.jwtSecret);
    res.json({ "id": payload.id });
  } catch (err) {
    res.status(500).json({ message: err.message });
  }
  next();
};
  1. No access token -> 400
  2. Try catch around payload

Something like...

  try {
    const payload = await jwt.verify(jwtToken.replace("Bearer ", ""), process.env.jwtSecret);
  } catch (err) {
    res.status(403).json({ message: `Error during authorization: ${err.message}` });
  }
JPM709 commented 3 years ago

Is this an acceptable use case for nested try/catch statements?

module.exports = async (req, res, next) => {
  try {
    const jwtToken = await req.header("Authorization");
    if (!jwtToken) {
      res.status(400).json({message: "No access token"});
    }
    try {
      const payload = await jwt.verify(
        jwtToken.replace("Bearer ", ""),
        process.env.jwtSecret
      );
      req.id = payload.id;
    } catch (err) {
      res.status(403).json({message: `Error during authorization: ${err.message}`});
    }
  } catch (err) {
    res.status(403).json({message: err.message});
  }
  next();
};