From b84d839a01bece78fdd57b45d001c87288f4b20a Mon Sep 17 00:00:00 2001
From: Alexander Onnikov <aonnikov@hardcoreeng.com>
Date: Tue, 25 Mar 2025 13:22:20 +0700
Subject: [PATCH] fix: handle token errors in front service (#8336)

---
 server/front/src/index.ts | 8 ++++++++
 server/token/src/token.ts | 6 +++++-
 2 files changed, 13 insertions(+), 1 deletion(-)

diff --git a/server/front/src/index.ts b/server/front/src/index.ts
index 9a49eb950e..a167ed9ff1 100644
--- a/server/front/src/index.ts
+++ b/server/front/src/index.ts
@@ -525,6 +525,10 @@ export function start (
             )
           }
         } catch (error: any) {
+          if (error instanceof TokenError) {
+            res.status(401).send()
+            return
+          }
           if (
             error?.code === 'NoSuchKey' ||
             error?.code === 'NotFound' ||
@@ -633,6 +637,10 @@ export function start (
 
       res.status(200).send()
     } catch (error: any) {
+      if (error instanceof TokenError) {
+        res.status(401).send()
+        return
+      }
       Analytics.handleError(error)
       ctx.error('failed to delete', { url: req.url })
       res.status(500).send()
diff --git a/server/token/src/token.ts b/server/token/src/token.ts
index 7b1eafe7c0..9a9bf1901d 100644
--- a/server/token/src/token.ts
+++ b/server/token/src/token.ts
@@ -45,7 +45,11 @@ export function generateToken (
  * @public
  */
 export function decodeToken (token: string, verify: boolean = true, secret?: string): Token {
-  return decode(token, secret ?? getSecret(), !verify)
+  try {
+    return decode(token, secret ?? getSecret(), !verify)
+  } catch (err: any) {
+    throw new TokenError(err.message)
+  }
 }
 
 /**