fix(security): handle errors and prevent unnecessary token refresh

jxxghp · Oct 9, 2024 · 55403cd · 55403cd
1 parent 871f8d3
commit 55403cd
Showing 1 changed file with 4 additions and 3 deletions.
diff --git a/app/core/security.py b/app/core/security.py
@@ -105,9 +105,10 @@ def __set_or_refresh_resource_token_cookie(request: Request, response: Response,
                 # 如果剩余时间少于 2 分钟，刷新令牌
                 if remaining_time < timedelta(minutes=2):
                     raise jwt.ExpiredSignatureError
-        except jwt.ExpiredSignatureError:
-            # 如果令牌过期或即将过期，刷新令牌
-            pass
+        except jwt.PyJWTError:
+            logger.debug(f"Token error occurred. refreshing token")
+        except Exception as e:
+            logger.debug(f"Unexpected error occurred while decoding token: {e}")
         else:
             # 如果令牌有效且没有即将过期，则不需要刷新
             return