fix: include InvalidSignature in JWT validation error handling

2025-12-20 18:21:54 +08:00
parent be63fcbc37
commit 0cd6e837fc
1 changed files with 2 additions and 2 deletions
--- a/apps/api/src/services/auth/authentication.rs
+++ b/apps/api/src/services/auth/authentication.rs
@@ -5,7 +5,7 @@ use std::{collections::HashSet, sync::Arc};
 use argon2::password_hash::{SaltString, rand_core::OsRng};
 use jsonwebtoken::{
    DecodingKey, EncodingKey, Header, Validation, decode, encode,
-    errors::ErrorKind::{ExpiredSignature, InvalidSubject, InvalidToken},
+    errors::ErrorKind::{ExpiredSignature, InvalidSignature, InvalidSubject, InvalidToken},
 };
 use sea_orm::prelude::Uuid;
 use serde::{Deserialize, Serialize};
@@ -124,7 +124,7 @@ impl AuthenticationService for AuthenticationServiceImpl {
        match decode::<Claims>(token, &decoding_key, &validation) {
            Ok(data) => Ok(Some(data.claims)),
            Err(err) => match *err.kind() {
-                InvalidToken | InvalidSubject | ExpiredSignature => Ok(None),
+                InvalidToken | InvalidSubject | ExpiredSignature | InvalidSignature => Ok(None),
                _ => Err(ServiceError::InternalError(format!(
                    "JWT validation error: {}",
                    err