From f6b5ed389a4d08238a1797527a403259b3c24ad5 Mon Sep 17 00:00:00 2001
From: canove <cassio@economicros.com.br>
Date: Thu, 24 Sep 2020 14:08:57 -0300
Subject: [PATCH] improvement: better token error handling

---
 backend/src/middleware/isAuth.ts | 16 ++++++++++------
 1 file changed, 10 insertions(+), 6 deletions(-)

diff --git a/backend/src/middleware/isAuth.ts b/backend/src/middleware/isAuth.ts
index cc9d0be..1aa6218 100644
--- a/backend/src/middleware/isAuth.ts
+++ b/backend/src/middleware/isAuth.ts
@@ -21,13 +21,17 @@ const isAuth = (req: Request, res: Response, next: NextFunction): void => {
 
   const [, token] = authHeader.split(" ");
 
-  const decoded = verify(token, authConfig.secret);
-  const { id, profile } = decoded as TokenPayload;
+  try {
+    const decoded = verify(token, authConfig.secret);
+    const { id, profile } = decoded as TokenPayload;
 
-  req.user = {
-    id,
-    profile
-  };
+    req.user = {
+      id,
+      profile
+    };
+  } catch (err) {
+    throw new AppError("Invalid token.", 403);
+  }
 
   return next();
 };