chore: respond with 'bad request' when token claims are invalid

teamhanko · Dec 30, 2024 · b9c6d27 · b9c6d27
1 parent 11b5da0
commit b9c6d27
Showing 1 changed file with 2 additions and 2 deletions.
diff --git a/backend/handler/session.go b/backend/handler/session.go
@@ -47,7 +47,7 @@ func (h *SessionHandler) ValidateSession(c echo.Context) error {
 
 			claims, err := dto.GetClaimsFromToken(token)
 			if err != nil {
-				return c.JSON(http.StatusOK, dto.ValidateSessionResponse{IsValid: false})
+				return echo.NewHTTPError(http.StatusBadRequest, fmt.Errorf("failed to parse token claims: %w", err))
 			}
 
 			sessionModel, err := h.persister.GetSessionPersister().Get(claims.SessionID)
@@ -96,7 +96,7 @@ func (h *SessionHandler) ValidateSessionFromBody(c echo.Context) error {
 
 	claims, err := dto.GetClaimsFromToken(token)
 	if err != nil {
-		return c.JSON(http.StatusOK, dto.ValidateSessionResponse{IsValid: false})
+		return echo.NewHTTPError(http.StatusBadRequest, fmt.Errorf("failed to parse token claims: %w", err))
 	}
 
 	sessionModel, err := h.persister.GetSessionPersister().Get(claims.SessionID)