- Migrated from Python pre-commit to NodeJS-native solution - Reorganized documentation structure - Set up Husky + lint-staged for efficient pre-commit hooks - Fixed Dockerfile healthcheck issue - Added comprehensive documentation index
import { NextFunction, Request, Response } from 'express';
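/**
 * Error type for authentication failures that carries the HTTP status code
 * the server should answer with.
 *
 * Security: gives authentication failures one recognizable type so they can
 * be handled consistently. `handleAuthError` in this file sends `message`
 * back to the client verbatim, so keep it free of internal detail (user
 * existence, token contents, stack or query text).
 */
export class AuthError extends Error {
  /** HTTP status code to respond with for this error. */
  statusCode: number;

  /**
   * @param message - Client-visible description of the failure.
   * @param statusCode - HTTP status to respond with; defaults to 401.
   */
  constructor(message: string, statusCode: number = 401) {
    super(message);
    // When the build targets ES5, `super(message)` returns a plain Error and
    // the subclass prototype is lost, so `err instanceof AuthError` would be
    // false and the error would bypass the auth handler. Restoring the
    // prototype keeps the check reliable on every compile target.
    Object.setPrototypeOf(this, new.target.prototype);
    this.statusCode = statusCode;
    this.name = 'AuthError';
  }
}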
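/**
 * Express error-handling middleware for authentication failures.
 *
 * Security: centralizes how authentication errors become HTTP responses so
 * every route reports them the same way.
 *
 * - An `AuthError` is answered with its own `statusCode` and `message`; the
 *   message reaches the client verbatim.
 * - JWT verification failures, matched by `err.name`, are answered with a
 *   fixed generic 401 body, so the library's own message is not exposed.
 * - Any other error is passed on with `next(err)`.
 *
 * All four parameters stay in the signature even though `req` is unused:
 * Express recognizes error-handling middleware by its four-argument arity.
 *
 * NOTE(review): the 401 responses carry no `WWW-Authenticate` header, which
 * RFC 9110 requires on a 401 — confirm whether another layer adds it.
 *
 * @param err - Error raised by an earlier middleware or route handler.
 * @param req - Incoming request (unused).
 * @param res - Response used to send the JSON error body.
 * @param next - Receives every error this handler does not answer itself.
 */
export const handleAuthError = (
  err: Error,
  req: Request,
  res: Response,
  next: NextFunction
) => {
  // Once the response has started, its status and body can no longer be
  // changed; calling res.status().json() would throw. Delegate instead.
  if (res.headersSent) {
    next(err);
    return;
  }

  if (err instanceof AuthError) {
    return res.status(err.statusCode).json({
      error: err.message,
      statusCode: err.statusCode,
    });
  }

  // Handle JWT verification errors. Matching on `name` avoids importing the
  // JWT library here. The names match the errors thrown by the `jsonwebtoken`
  // package — NOTE(review): confirm that is the library in use.
  // 'NotBeforeError' (token not yet valid) is included so a not-yet-active
  // token is rejected with 401 rather than falling through as a server error.
  const isJwtVerificationError =
    err.name === 'JsonWebTokenError' ||
    err.name === 'TokenExpiredError' ||
    err.name === 'NotBeforeError';

  if (isJwtVerificationError) {
    // One generic message for every verification failure, so the response
    // does not reveal why the token was rejected.
    return res.status(401).json({
      error: 'Invalid or expired token',
      statusCode: 401,
    });
  }

  next(err);
};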