Fix: if no jwt is present from the headers when logging out, throw an…

… error
UNICEFECAR · Mar 7, 2024 · 2b008c8 · 2b008c8
1 parent aaa3c10
commit 2b008c8
Showing 1 changed file with 2 additions and 1 deletion.
diff --git a/service/controllers/auth.js b/service/controllers/auth.js
@@ -7,7 +7,7 @@ import {
   invalidateRefreshToken,
 } from "#queries/authTokens";
 
-import { invalidRefreshToken } from "#utils/errors";
+import { incorrectCredentials, invalidRefreshToken } from "#utils/errors";
 import { getYearInMilliseconds } from "#utils/helperFunctions";
 import { logoutAdminQuery } from "#queries/admins";
 
@@ -92,6 +92,7 @@ export const logoutAdmin = async ({
   admin_id,
   jwt: jwtFromHeaders,
 }) => {
+  if (!jwtFromHeaders) throw incorrectCredentials(language);
   const decoded = jwt.decode(jwtFromHeaders);
 
   const isSameID = decoded.sub === admin_id;