Reject tokens missing required fields to prevent KeyError crashes
Tokens issued before 'id' was added to the JWT payload pass signature verification but cause a KeyError when endpoints access user['id']. verify_token() now returns None for any token missing id/username/role, triggering a 401 → the frontend interceptor clears localStorage and redirects to /login so a fresh token is issued automatically.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
@@ -21,6 +21,11 @@ def verify_token():
token = auth_header[7:] # len("Bearer ") == 7; safe because startswith is verified above
try:
decoded = decode(token, SECRET_KEY, algorithms=["HS256"])
# Reject tokens that are missing required fields (e.g. issued before
# 'id' was added to the payload) so callers never get a KeyError.
if not all(k in decoded for k in ("id", "username", "role")):
logger.warning("🔐 Token missing required fields — forcing re-login")
return None
return decoded
except ExpiredSignatureError:
logger.warning("🔐 Token expired")
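Review bot: the new guard `if not all(k in decoded for k in ("id", "username", "role"))` only tests key presence, so a payload carrying `"id": null` (or an empty string) still passes and downstream code that does `user['id']` gets a value it cannot use; consider `if any(decoded.get(k) is None for k in (...))` so the 401 path covers null claims as well as absent ones. Related, the `decode(token, SECRET_KEY, algorithms=["HS256"])` call above verifies `exp` only when the claim is present, so a token minted without `exp` is accepted indefinitely; if every issued token is expected to expire, passing `options={"require": ["exp"]}` (PyJWT's required-claims option) would make that a hard failure alongside this new check. Finally, the warning message logs no identifying context for the rejected token (e.g. which claims were missing); including the missing key names would make the forced re-login cases easier to triage.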