-
Notifications
You must be signed in to change notification settings - Fork 43
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
ExpiredException throws 500 error #7
Comments
FWIW I remember having tested token expiration using this plugin and it responded with the correct error code (I believe it was 419) and not a 500 error. Are you sure you are testing the right way? |
Positive. I am looking at it right now. |
Are you checking with debug on or off? |
With debug on the authenticate class throws the same exception which Jwt lib throws (for which cake most likely returns 500 status). With debug off you will get |
Yup, you're right. |
You can provide a patch to make this behavior configurable. Here's where you will need to add extra check. |
Hello, great plugin, very useful.
The plugin uses firebase JWT to authenticate based on the given token.
However, if the token is expired, firebase throws an ExpiredException, which results in a generic 500 error code.
This can make things problematic when trying to connect the backend with a client-side frontend, as RESTful apps generally check for a 401 error to know they need a new login. A 500 error can mean anything. Yes, a good client-side program can just know when it needs to throw away the token, but with RESTful APIs it is assumed it will serve a wide variety of client-side apps.
The text was updated successfully, but these errors were encountered: