all repos

onasty @ f4de4b3

a one-time notes service
2 files changed, 6 insertions(+), 0 deletions(-) 
feat(jwt): handle tokens with invalid signature (#133)
Author: Smirnov Oleksandr ss2316544@gmail.com
Committed by: GitHub noreply@github.com
Committed at: 2025-06-18 17:00:02 +0300
Parent: 40bb8b9
jump to
M internal/jwtutil/jwtutil.go
M internal/transport/http/apiv1/response.go
M internal/jwtutil/jwtutil.go 
@@ -11,6 +11,7 @@ )
 
 var (
 	ErrUnexpectedSigningMethod = errors.New("unexpected signing method")
+	ErrTokenSignatureInvalid   = errors.New("token signature invalid")
 	ErrTokenExpired            = errors.New("token expired")
 )
 

@@ -71,6 +72,10 @@ })
 
 	if errors.Is(err, jwt.ErrTokenExpired) {
 		return Payload{}, ErrTokenExpired
+	}
+
+	if errors.Is(err, jwt.ErrTokenSignatureInvalid) {
+		return Payload{}, ErrTokenSignatureInvalid
 	}
 
 	return Payload{
M internal/transport/http/apiv1/response.go 
@@ -49,6 +49,7 @@ }
 
 	if errors.Is(err, ErrUnauthorized) ||
 		errors.Is(err, jwtutil.ErrTokenExpired) ||
+		errors.Is(err, jwtutil.ErrTokenSignatureInvalid) ||
 		errors.Is(err, models.ErrUserWrongCredentials) {
 		newErrorStatus(c, http.StatusUnauthorized, err.Error())
 		return