ciphera-net/pulse
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 15 Wiki Activity

fix: improve error handling in authentication flow; validate access token and format, and ensure proper state verification in callback

Browse Source
This commit is contained in:
Usman Baig
2026-02-01 21:07:17 +01:00
parent 0dee4a699a
commit af5d9631e5
3 changed files with 54 additions and 42 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
app/actions/auth.ts
View File

@@ -51,9 +51,14 @@ export async function exchangeAuthCode(code: string, codeVerifier: string, redir
}
const data: AuthResponse = await res.json()
if (!data?.access_token || typeof data.access_token !== 'string') {
throw new Error('Invalid token response')
}
// * Decode payload (without verification, we trust the direct channel to Auth Server)
const payloadPart = data.access_token.split('.')[1]
if (!payloadPart) {
throw new Error('Invalid token format')
}
const payload: UserPayload = JSON.parse(Buffer.from(payloadPart, 'base64').toString())
// * Set Cookies