Violation of Single Responsibility Principle: #1699
Description
Some function can throw or return error.
For example 'decodeJWTPayload" can throw an error JWT is not valid: not a JWT structure that will then be throw by setSession.
setSession is define to return an error.
setSession (and other function) should make a choice between throw error or return but not both => it’s not a good practice for a function to sometimes throw an error and at other times return a value indicating an error. This can lead to confusion, inconsistency, and difficulty in understanding how the function behaves for users/developpers and maintenance.