sartography
/
spiff-arena
mirror of https://github.com/sartography/spiff-arena.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

force user logout if token cannot be decoded w/ burnettk

This commit is contained in:
jasquat 2024-01-18 14:51:04 -05:00
parent 11384c2a47
commit 0ab1ca446c
No known key found for this signature in database
1 changed files with 2 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
spiffworkflow-backend/src/spiffworkflow_backend/routes/authentication_controller.py
View File

@ -440,7 +440,8 @@ def _get_decoded_token(token: str) -> dict:
try:
decoded_token: dict = AuthenticationService.parse_jwt_token(_get_authentication_identifier_from_request(), token)
except Exception as e:
raise ApiError(error_code="invalid_token", message="Cannot decode token.") from e
AuthenticationService.set_user_has_logged_out()
raise ApiError(error_code="invalid_token", message="Cannot decode token.", status_code=401) from e
else:
if "iss" in decoded_token:
return decoded_token