Fix/validate access token user not found #8484
Conversation
…ER_NOT_FOUND` when a user is not found
…ror type - since jest only checks for the message, and no other attributes/methods of the class thrown, see jestjs/jest#13232 (comment) - we actually had a false positive test on the error code
![greptile-apps[bot]](https://avatars.githubusercontent.com/in/867647?s=60&v=4){kind=small}
There was a problem hiding this comment.
PR Summary
This PR modifies the JWT authentication error handling to properly handle and communicate user not found scenarios, addressing the blank page issue on demo.twenty.com after database resets.
- Changed error code from
INVALID_INPUTtoUSER_NOT_FOUNDinjwt.auth.strategy.tsfor better frontend error handling - Added explicit error code verification in
jwt.auth.strategy.spec.tsto catch false positives in error testing - Modified test case to properly verify both error message and code using try/catch block
- Ensures frontend receives correct error code to trigger login page redirect instead of showing blank screen
2 file(s) reviewed, 1 comment(s)
Edit PR Review Bot Settings | Greptile
| await expect(strategy.validate(payload as JwtPayload)).rejects.toThrow( | ||
| new AuthException('User not found', AuthExceptionCode.INVALID_INPUT), | ||
| new AuthException('User not found', expect.any(String)), | ||
| ); | ||
| try { | ||
| await strategy.validate(payload as JwtPayload); | ||
| } catch (e) { | ||
| expect(e.code).toBe(AuthExceptionCode.USER_NOT_FOUND); | ||
| } |
There was a problem hiding this comment.
style: Redundant error testing - the second test using try/catch is unnecessary since Jest's rejects.toThrow() can check both message and code using a matcher object
There was a problem hiding this comment.
Well... that seems to be wrong, following this comment jestjs/jest#13232 (comment)
However there might be a more elegant way using another matcher inside the .toThrow, but I don't quite have the syntax.
There was a problem hiding this comment.
It's good enough like this imo! Thanks a lot!
Description
Closes #7244
See details about implementation: #7244 (comment) and #7244 (comment)
Changes
USER_NOT_FOUNDerror instead ofINVALID_INPUTerrorAuthExceptionCode, as it wasn't properly tested; it was actually a false positive. This is becausetoThrowfrom jest only checks themessage, and not any other method / attributes from theError. It's a know behaviour and not considered a bug, see [Bug]: Properties of Error subclasses other thanmessageare ignored when usingtoEqual. jestjs/jest#13232 (comment)