Need graceful handling for invalid token cookies

heyheyjp commented 8 years ago

Getting the following issue when hitting http://idm.learnersguild.dev (locally) after resetting database.

Haven't looked into the code much, but guessing it has something to do with having a cookie + token, but that token being invalid?

Authentication should fail gracefully; would expect to be directed to sign in/up.

ERROR updating user from IDM service: Error: No such user
    at /Users/essjay-lg/Development/lg/idm/node_modules/@learnersguild/idm-jwt-auth/lib/utils.js:56:13
    at run (/Users/essjay-lg/Development/lg/idm/node_modules/core-js/modules/es6.promise.js:89:22)
    at /Users/essjay-lg/Development/lg/idm/node_modules/core-js/modules/es6.promise.js:102:28
    at flush (/Users/essjay-lg/Development/lg/idm/node_modules/core-js/modules/_microtask.js:18:9)
    at nextTickCallbackWith0Args (node.js:453:9)
    at process._tickCallback (node.js:382:13)

heyheyjp commented 8 years ago

Confirmed - deleting the cookie resulted in getting the redirect experience expected.

jeffreywescott commented 7 years ago

This got fixed in idm-jwt-auth: https://github.com/LearnersGuild/idm-jwt-auth/blob/master/src/middlewares.js#L90-L118

LearnersGuild / idm

Need graceful handling for invalid token cookies #93