fix: validate token on isAuthenticated

[DanielRivers]

Explain your changes

This replaces jwt-decode with @kinde/jwt-decoder Added token validation check to the isAuthenticated method Added token validation check to the authMiddleware

Checklist

• [x] I have read the “Pull requests” section in the contributing guidelines.
• [x] I agree to the terms within the code of conduct.

🛟 If you need help, consider asking for advice over in the Kinde community.

[coderabbitai[bot]]

Walkthrough

This pull request updates the authentication logic by replacing the jwt_decode function with jwtDecoder from the @kinde/jwt-decoder package across multiple files. The modifications streamline the handling of access and ID tokens, enhance type safety, and simplify the decoding process. Method signatures and import statements have been updated accordingly to reflect these changes, ensuring consistency and clarity in the authentication middleware and related functions.

Changes

File(s)	Change Summary
src/authMiddleware/authMiddleware.ts, src/handlers/setup.ts	Replaced jwt_decode with jwtDecoder, updated method signatures, and adjusted handling logic.
src/session/getAccessToken.js, src/session/getIdToken.js,	Replaced jwt_decode with jwtDecoder, updated method signatures, and adjusted handling logic.
src/session/getUser.ts, src/session/getUserOrganizations.ts,	Replaced jwt_decode with jwtDecoder, updated method signatures, and adjusted handling logic.
src/session/isAuthenticated.js, src/utils/pageRouter/isTokenValid.js	Replaced jwt_decode with jwtDecoder, updated method signatures, and adjusted handling logic.

Possibly related PRs

• #189: This PR modifies the isTokenValid function, which is directly related to the changes made in the main PR regarding the authentication logic and token handling.
• #202: This PR addresses the isAuthenticated property from the useKindeAuth hook, which is relevant to the overall authentication process that the main PR updates.
• #215: This PR involves changes to the token handling logic in the createKindeManagementAPIClient function, which aligns with the updates made in the main PR regarding token validity and management.

Suggested reviewers

• coel
• DaveOrDead
• peterphanouvong
• alex72508
• evgenyk

---

📜 Recent review details

**Configuration used: CodeRabbit UI** **Review profile: CHILL**

📥 Commits

Files that changed from the base of the PR and between 2915750e050303e8d422cd36ab7a847c2fd6c61c and 6dfe30ea15d20074e88946681a1ef803beca3747.

📒 Files selected for processing (2)

* src/authMiddleware/authMiddleware.ts (4 hunks) * src/utils/pageRouter/isTokenValid.js (1 hunks)

🚧 Files skipped from review as they are similar to previous changes (1)

* src/utils/pageRouter/isTokenValid.js

🧰 Additional context used

🔇 Additional comments (5)

src/authMiddleware/authMiddleware.ts (5)

`4-5`: **LGTM: Improved imports and type definitions** The changes to the import statements align well with the PR objectives. Replacing `jwt-decode` with `@kinde/jwt-decoder` and importing specific types (`KindeAccessToken` and `KindeIdToken`) from a local types file should improve type safety and maintainability. --- `16-16`: **LGTM: Simplified authentication check** The updated `isAuthenticated` check using `isTokenValid(kinde_token?.value)` is a good improvement. It simplifies the logic and aligns with the PR objectives of enhancing token validation. The use of optional chaining is also a good practice to prevent potential errors if the token is undefined. --- `60-65`: **LGTM: Improved token decoding with better type safety** The changes in this segment are excellent: 1. Replacing `jwt_decode` with `jwtDecoder` aligns with the PR objectives. 2. Adding type parameters (`KindeAccessToken` and `KindeIdToken`) improves type safety. 3. Using optional chaining (`?.`) for both `access_token` and `id_token` addresses potential undefined values, resolving a previous review comment. These updates enhance the overall robustness and type safety of the token handling process. --- `100-100`: _:warning: Potential issue_ **Address TypeScript error instead of using @ts-ignore** The `@ts-ignore` comment is still present, which was flagged in a previous review. It's important to address the underlying TypeScript error rather than suppressing it. This ensures better type safety and helps prevent potential runtime issues. Could you please investigate the cause of the TypeScript error and resolve it? If you need assistance, I'd be happy to help identify and fix the issue. --- `117-117`: _:warning: Potential issue_ **Resolve TypeScript error instead of using @ts-ignore** Similar to the previous instance, the `@ts-ignore` comment remains here as well. It's crucial to address the root cause of the TypeScript error rather than suppressing it with `@ts-ignore`. This ensures better type safety and helps maintain a robust codebase. Please investigate and resolve the underlying TypeScript error. If you need any assistance in identifying or fixing the issue, feel free to ask.

--- Thank you for using CodeRabbit. We offer it for free to the OSS community and would appreciate your support in helping us grow. If you find it useful, would you consider giving us a shout-out on your favorite social media?

❤️ Share

- [X](https://twitter.com/intent/tweet?text=I%20just%20used%20%40coderabbitai%20for%20my%20code%20review%2C%20and%20it%27s%20fantastic%21%20It%27s%20free%20for%20OSS%20and%20offers%20a%20free%20trial%20for%20the%20proprietary%20code.%20Check%20it%20out%3A&url=https%3A//coderabbit.ai) - [Mastodon](https://mastodon.social/share?text=I%20just%20used%20%40coderabbitai%20for%20my%20code%20review%2C%20and%20it%27s%20fantastic%21%20It%27s%20free%20for%20OSS%20and%20offers%20a%20free%20trial%20for%20the%20proprietary%20code.%20Check%20it%20out%3A%20https%3A%2F%2Fcoderabbit.ai) - [Reddit](https://www.reddit.com/submit?title=Great%20tool%20for%20code%20review%20-%20CodeRabbit&text=I%20just%20used%20CodeRabbit%20for%20my%20code%20review%2C%20and%20it%27s%20fantastic%21%20It%27s%20free%20for%20OSS%20and%20offers%20a%20free%20trial%20for%20proprietary%20code.%20Check%20it%20out%3A%20https%3A//coderabbit.ai) - [LinkedIn](https://www.linkedin.com/sharing/share-offsite/?url=https%3A%2F%2Fcoderabbit.ai&mini=true&title=Great%20tool%20for%20code%20review%20-%20CodeRabbit&summary=I%20just%20used%20CodeRabbit%20for%20my%20code%20review%2C%20and%20it%27s%20fantastic%21%20It%27s%20free%20for%20OSS%20and%20offers%20a%20free%20trial%20for%20proprietary%20code)

🪧 Tips

### Chat There are 3 ways to chat with [CodeRabbit](https://coderabbit.ai): - Review comments: Directly reply to a review comment made by CodeRabbit. Example: - `I pushed a fix in commit , please review it.` - `Generate unit testing code for this file.` - `Open a follow-up GitHub issue for this discussion.` - Files and specific lines of code (under the "Files changed" tab): Tag `@coderabbitai` in a new review comment at the desired location with your query. Examples: - `@coderabbitai generate unit testing code for this file.` - `@coderabbitai modularize this function.` - PR comments: Tag `@coderabbitai` in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples: - `@coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.` - `@coderabbitai read src/utils.ts and generate unit testing code.` - `@coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.` - `@coderabbitai help me debug CodeRabbit configuration file.` Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments. ### CodeRabbit Commands (Invoked using PR comments) - `@coderabbitai pause` to pause the reviews on a PR. - `@coderabbitai resume` to resume the paused reviews. - `@coderabbitai review` to trigger an incremental review. This is useful when automatic reviews are disabled for the repository. - `@coderabbitai full review` to do a full review from scratch and review all the files again. - `@coderabbitai summary` to regenerate the summary of the PR. - `@coderabbitai resolve` resolve all the CodeRabbit review comments. - `@coderabbitai configuration` to show the current CodeRabbit configuration for the repository. - `@coderabbitai help` to get help. ### Other keywords and placeholders - Add `@coderabbitai ignore` anywhere in the PR description to prevent this PR from being reviewed. - Add `@coderabbitai summary` to generate the high-level summary at a specific location in the PR description. - Add `@coderabbitai` anywhere in the PR title to generate the title automatically. ### CodeRabbit Configuration File (`.coderabbit.yaml`) - You can programmatically configure CodeRabbit by adding a `.coderabbit.yaml` file to the root of your repository. - Please see the [configuration documentation](https://docs.coderabbit.ai/guides/configure-coderabbit) for more information. - If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: `# yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json` ### Documentation and Community - Visit our [Documentation](https://coderabbit.ai/docs) for detailed information on how to use CodeRabbit. - Join our [Discord Community](http://discord.gg/coderabbit) to get help, request features, and share feedback. - Follow us on [X/Twitter](https://twitter.com/coderabbitai) for updates and announcements.