Reject tokens missing required fields to prevent KeyError crashes
Tokens issued before 'id' was added to the JWT payload pass signature verification but cause a KeyError when endpoints access user['id']. verify_token() now returns None for any token missing id/username/role, triggering a 401 → the frontend interceptor clears localStorage and redirects to /login so a fresh token is issued automatically. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This commit is contained in:
Nirodan
@@ -21,6 +21,11 @@ def verify_token():
|
|||||||
token = auth_header[7:] # len("Bearer ") == 7; safe because startswith is verified above
|
token = auth_header[7:] # len("Bearer ") == 7; safe because startswith is verified above
|
||||||
try:
|
try:
|
||||||
decoded = decode(token, SECRET_KEY, algorithms=["HS256"])
|
decoded = decode(token, SECRET_KEY, algorithms=["HS256"])
|
||||||
|
# Reject tokens that are missing required fields (e.g. issued before
|
||||||
|
# 'id' was added to the payload) so callers never get a KeyError.
|
||||||
|
if not all(k in decoded for k in ("id", "username", "role")):
|
||||||
|
logger.warning("🔐 Token missing required fields — forcing re-login")
|
||||||
|
return None
|
||||||
return decoded
|
return decoded
|
||||||
except ExpiredSignatureError:
|
except ExpiredSignatureError:
|
||||||
logger.warning("🔐 Token expired")
|
logger.warning("🔐 Token expired")
|
||||||
|
|||||||
Reference in New Issue
Block a user