Skip to content

Any way to redirect on JWSError JWSInvalidSignature? #3808

Discussion options

You must be logged in to vote

Have I missed some option to capture this behavior?

It would suffice to have a way to tell PostgREST to proceed with the request as the anonymous user, but I don't see how to accomplish this.

There is no way to accomplish what you're asking for.

If the shared secret changes, or the JWT becomes invalid in any other way, PostgREST returns JWSError JWSInvalidSignature to the browser. This appears to happen before PostgREST calls dp-pre-request, leaving me no way to redirect the browser to re-authenticate.

Did you consider setting up some error handler on the client for all requests, which catches the JWSInvalidSignature error and triggers the re-authentication?

Replies: 1 comment 2 replies

Comment options

You must be logged in to vote
2 replies
@TreyBoudreau
Comment options

@wolfgangwalther
Comment options

Answer selected by TreyBoudreau
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Category
Q&A
Labels
None yet
2 participants