From 75aaaa66a8c7df00e1fb80c353d890269296839c Mon Sep 17 00:00:00 2001
From: KernelDeimos <eric.alex.dube@gmail.com>
Date: Fri, 10 Jan 2025 10:27:22 -0500
Subject: [PATCH] fix: improper 500 in wisp token verify

---
 src/backend/src/services/WispService.js | 15 +++++++++++----
 1 file changed, 11 insertions(+), 4 deletions(-)

diff --git a/src/backend/src/services/WispService.js b/src/backend/src/services/WispService.js
index 3bde6871..54d34727 100644
--- a/src/backend/src/services/WispService.js
+++ b/src/backend/src/services/WispService.js
@@ -57,10 +57,17 @@ class WispService extends BaseService {
                 const svc_apiError = this.services.get('api-error');
                 const svc_event = this.services.get('event');
 
-                const decoded = svc_token.verify('wisp', req.body.token);
-                if ( decoded.$ !== 'token:wisp' ) {
-                    throw svc_apiError.create('invalid_token');
-                }
+                const decoded = (() => {
+                    try {
+                        const decoded = svc_token.verify('wisp', req.body.token);
+                        if ( decoded.$ !== 'token:wisp' ) {
+                            throw svc_apiError.create('invalid_token');
+                        }
+                        return decoded;
+                    } catch (e) {
+                        throw svc_apiError.create('forbidden');
+                    }
+                })();
                 
                 const svc_getUser = this.services.get('get-user');