Open lautarodragan opened 5 years ago
The authorization middleware sets the status to 404 if doesn't find the user associated with the token.
https://github.com/poetapp/frost-api/blob/58135e73c2795580979ccfedfea7c42c2f1a6328/src/middlewares/authorization.ts#L28-L32
This can happen when the user changes their email address — tokens created before the change will remain associated to the previous address.
In this case, a simple Not Found error message provides little to no guidance.
Not Found
Replace with Invalid Token, which is more correct, and logger.warning details of the event.
Invalid Token
logger.warning
Will be mitigated by https://github.com/poetapp/frost-api/issues/916
The authorization middleware sets the status to 404 if doesn't find the user associated with the token.
https://github.com/poetapp/frost-api/blob/58135e73c2795580979ccfedfea7c42c2f1a6328/src/middlewares/authorization.ts#L28-L32
This can happen when the user changes their email address — tokens created before the change will remain associated to the previous address.
In this case, a simple
Not Found
error message provides little to no guidance.Replace with
Invalid Token
, which is more correct, andlogger.warning
details of the event.