Closed alfredvaa closed 6 years ago
Please, use the corresponding repository: https://github.com/nestjs/passport
This thread has been automatically locked since there has not been any recent activity after it was closed. Please open a new issue for related bugs.
I'm submitting a...
Current behavior
I am using guards in a Gateway, and together with that, the passport jwt strategy from the documentation example.
Using a custom extractor I am able to send the jwt as a query parameter with the initial socket request to be authenticated:
There is a problem when the token has expired which is that UnauthorizedException is thrown within @nestjs/passport/options.js and that one is extending HttpException. This causes an internal server error to be visible to the client because in @nestjs/websockets all errors that are not WsExceptions is returning internal server error.
Expected behavior
Is it possible to override or catch the error thrown when the jwt token is not valid? I would like to throw a WsException instead.
It would also be useful if this could be handled in the validate action within the strategy, but that one seems to be called after the actual verification of the jwt token, meaning that the error has already been thrown.
Minimal reproduction of the problem with instructions
What is the motivation / use case for changing the behavior?
It is not possible to handle expired access when using sockets, which it should be.
Environment