From 55403cd8a8677d4fb8556577b2a57de8e4337086 Mon Sep 17 00:00:00 2001
From: InfinityPacer <160988576+InfinityPacer@users.noreply.github.com>
Date: Thu, 10 Oct 2024 01:40:13 +0800
Subject: [PATCH] fix(security): handle errors and prevent unnecessary token
 refresh

---
 app/core/security.py | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/app/core/security.py b/app/core/security.py
index 35918d20..7dcc7697 100644
--- a/app/core/security.py
+++ b/app/core/security.py
@@ -105,9 +105,10 @@ def __set_or_refresh_resource_token_cookie(request: Request, response: Response,
                 # 如果剩余时间少于 2 分钟，刷新令牌
                 if remaining_time < timedelta(minutes=2):
                     raise jwt.ExpiredSignatureError
-        except jwt.ExpiredSignatureError:
-            # 如果令牌过期或即将过期，刷新令牌
-            pass
+        except jwt.PyJWTError:
+            logger.debug(f"Token error occurred. refreshing token")
+        except Exception as e:
+            logger.debug(f"Unexpected error occurred while decoding token: {e}")
         else:
             # 如果令牌有效且没有即将过期，则不需要刷新
             return