fix: address PR review — case-insensitive email check and proper error handling

- Normalize emails with toLowerCase().trim() before comparing
- Wrap getUserByToken in try/catch since it throws TRPCError on miss,
  rethrow as APIError for consistent error responses
Mauricio Siu
2026-04-05 12:42:09 -06:00
parent 04ffa43008
commit ddde6a7bcb
+6 -4
@@ -148,10 +148,12 @@ const { handler, api } = betterAuth({
const xDokployToken =
context?.request?.headers?.get("x-dokploy-token");
if (xDokployToken) {
const invitation = await getUserByToken(xDokployToken);
if (!invitation) {
let invitation: Awaited<ReturnType<typeof getUserByToken>>;
try {
invitation = await getUserByToken(xDokployToken);
} catch {
throw new APIError("BAD_REQUEST", {
message: "User not found",
message: "Invalid invitation token",
});
}
if (invitation.isExpired) {
@@ -164,7 +166,7 @@ const { handler, api } = betterAuth({
message: "Invitation has already been used",
});
}
if (_user.email !== invitation.email) {
if (_user.email.toLowerCase().trim() !== invitation.email.toLowerCase().trim()) {
throw new APIError("BAD_REQUEST", {
message: "Email does not match invitation",
});
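Review bot: The bare `catch {` added around `getUserByToken` in the first hunk turns every failure into `BAD_REQUEST` "Invalid invitation token", not only the TRPCError on miss that the commit message describes. A database or connection error during the lookup would then be reported to the client as a bad token, and nothing is logged for whoever later investigates failed sign-ups. Consider binding the error and rethrowing anything unexpected, e.g. `} catch (error) {` followed by `if (!(error instanceof TRPCError)) throw error;` (assuming TRPCError can be imported in this file), and logging the rejected attempt before throwing the APIError. The enclosing hook starts and ends outside the visible hunks, so any handling further up is not visible here.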