From 67457b0f8b7a213c546ac9118e00e07268d28944 Mon Sep 17 00:00:00 2001
From: kyuuseiryuu <kyuuseiryuu@gmail.com>
Date: Wed, 25 Mar 2026 12:04:31 +0900
Subject: [PATCH] fix(server): handle token verification errors gracefully

Wrap the verifyLogtoToken promise with a catch block to prevent
unhandled promise rejections. When token verification fails,
return an empty payload instead of throwing an error, ensuring
the application continues to run without crashing.

- Added .catch(() => ({ payload: {} })) to the token verification logic
- Prevents downstream errors when the token is invalid or missing
---
 src/utils/server.ts | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/utils/server.ts b/src/utils/server.ts
index 7e4346b..837cdd2 100644
--- a/src/utils/server.ts
+++ b/src/utils/server.ts
@@ -68,7 +68,7 @@ export const verifyLogtoToken = async (headers: Headers | string) => {
       // Expected audience token, the resource indicator of the current API
       audience: LOGTO_RESOURCE,
     }
-  );
+  ).catch(() => ({ payload: {} }));
   // console.debug('Payload', payload);
   // Sub is the user ID, used for user identification
   return payload