Merge pull request #4768 from coralproject/hotfix/tokenTest-error-handling

nick-funk · web-flow · commit cd8d3670a139 · 2025-04-15T12:38:24.000-06:00
[Hotfix] Add error handling around `tokenTest` endpoint
diff --git a/client/package.json b/client/package.json
@@ -1,6 +1,6 @@
 {
   "name": "@coralproject/talk",
-  "version": "9.9.2",
+  "version": "9.9.3",
   "author": "The Coral Project",
   "homepage": "https://coralproject.net/",
   "sideEffects": [
diff --git a/common/package.json b/common/package.json
@@ -1,6 +1,6 @@
 {
   "name": "common",
-  "version": "9.9.2",
+  "version": "9.9.3",
   "description": "",
   "main": "dist/index.js",
   "types": "dist/index.d.ts",
diff --git a/config/package.json b/config/package.json
@@ -1,6 +1,6 @@
 {
   "name": "common",
-  "version": "9.9.2",
+  "version": "9.9.3",
   "description": "",
   "main": "dist/index.js",
   "types": "dist/index.d.ts",
diff --git a/server/package.json b/server/package.json
@@ -1,6 +1,6 @@
 {
   "name": "@coralproject/talk",
-  "version": "9.9.2",
+  "version": "9.9.3",
   "author": "The Coral Project",
   "homepage": "https://coralproject.net/",
   "sideEffects": [
diff --git a/server/src/core/server/app/handlers/api/auth/tokenTest/index.ts b/server/src/core/server/app/handlers/api/auth/tokenTest/index.ts
@@ -272,37 +272,41 @@ export const submitHandler = ({
   });
 
   return async (req, res, next) => {
-    await ipLimiter.test(req, req.ip);
-
-    const result = submitSchema.validate(req.body);
-    if (result.error) {
-      res.send(renderIndex([result.error.message]));
-      return;
-    }
-
-    const body = result.value as SubmitBody;
-    if (!body) {
-      res.send(renderIndex());
-      return;
+    try {
+      await ipLimiter.test(req, req.ip);
+
+      const result = submitSchema.validate(req.body);
+      if (result.error) {
+        res.send(renderIndex([result.error.message]));
+        return;
+      }
+
+      const body = result.value as SubmitBody;
+      if (!body) {
+        res.send(renderIndex());
+        return;
+      }
+
+      const cleanToken = body.token.trim();
+      const decodedToken = jwt.decode(cleanToken);
+      if (!decodedToken) {
+        res.send(renderIndex(["Token is invalid."]));
+        return;
+      }
+
+      const analysis = analyseTokenPayload(decodedToken);
+
+      res.send(
+        renderIndex(
+          [],
+          cleanToken,
+          JSON.stringify(decodedToken, null, 2).trim(),
+          analysis
+        )
+      );
+    } catch (err) {
+      return next(err);
     }
-
-    const cleanToken = body.token.trim();
-    const decodedToken = jwt.decode(cleanToken);
-    if (!decodedToken) {
-      res.send(renderIndex(["Token is invalid."]));
-      return;
-    }
-
-    const analysis = analyseTokenPayload(decodedToken);
-
-    res.send(
-      renderIndex(
-        [],
-        cleanToken,
-        JSON.stringify(decodedToken, null, 2).trim(),
-        analysis
-      )
-    );
   };
 };
 

Original file line number	Diff line number	Diff line change
`@@ -1,6 +1,6 @@`
`1`	`1`	`{`
`2`	`2`	`"name": "@coralproject/talk",`
`3`		`- "version": "9.9.2",`
	`3`	`+ "version": "9.9.3",`
`4`	`4`	`"author": "The Coral Project",`
`5`	`5`	`"homepage": "https://coralproject.net/",`
`6`	`6`	`"sideEffects": [`
Original file line number	Diff line number	Diff line change
`@@ -1,6 +1,6 @@`
`1`	`1`	`{`
`2`	`2`	`"name": "common",`
`3`		`- "version": "9.9.2",`
	`3`	`+ "version": "9.9.3",`
`4`	`4`	`"description": "",`
`5`	`5`	`"main": "dist/index.js",`
`6`	`6`	`"types": "dist/index.d.ts",`