fix(error): catch socket auth error as 4xx #4059

Merged: TheodoreSpeaks merged 2 commits into staging from debug/socket-error on Apr 8, 2026
@TheodoreSpeaks
Collaborator

Summary

Better auth on invalid/expired tokens throws UNAUTHORIZED. We were throwing as 5xx, fixed to throw correctly as a 4xx.

Type of Change

  • Bug fix
  • New feature
  • Breaking change
  • Documentation
  • Other: ___________

Testing

  • Manual validation.

Checklist

  • Code follows project style guidelines
  • Self-reviewed my changes
  • Tests added/updated and passing
  • No new warnings introduced
  • I confirm that I have read and agree to the terms outlined in the Contributor License Agreement (CLA)

Screenshots/Videos

@cursor

cursor bot commented Apr 8, 2026

PR Summary

Low Risk
Low risk: small change limited to error handling in a single endpoint, converting known auth/session failures from 500s to 401s.

Overview
Fixes POST /api/auth/socket-token to treat better-auth UNAUTHORIZED/401 errors (missing or expired session) as an authentication failure and return 401 { error: "Authentication required" } instead of falling through to a 500.

Adds a warning log for these cases while keeping existing 500 logging/response for unexpected token generation failures.

Reviewed by Cursor Bugbot for commit ff5c846.

@greptile-apps
Contributor

greptile-apps bot commented Apr 8, 2026

Greptile Summary

This PR fixes a bug where better-auth's sessionMiddleware throws APIError("UNAUTHORIZED") on missing/expired sessions, which was previously propagated as a 500 response. The catch block now inspects statusCode === 401 || status === 'UNAUTHORIZED' and returns a proper 401 to the client.

Confidence Score: 5/5

This PR is safe to merge — it is a focused, single-file bug fix with no regression risk.

The change is minimal and narrowly scoped: a single catch-block addition that remaps a known better-auth UNAUTHORIZED error to 401. All logging standards are followed, no any types are introduced (only a type assertion, flagged as P2 style), and the fallthrough to 500 for unexpected errors is preserved correctly.

No files require special attention.

Vulnerabilities

No security concerns identified. The change correctly surfaces authentication failures as 401s without leaking internal error details to the client.

Important Files Changed

| Filename | Overview |
| --- | --- |
| apps/sim/app/api/auth/socket-token/route.ts | Adds a targeted catch for better-auth's UNAUTHORIZED APIError, returning 401 instead of 500; uses correct logger/import conventions with a minor type-assertion style issue. |

Flowchart

%%{init: {'theme': 'neutral'}}%%
flowchart TD
    A[POST /api/auth/socket-token] --> B{Auth disabled?}
    B -- Yes --> C[Return anonymous socket identifier]
    B -- No --> D[Call auth.api.generateOneTimeToken]
    D --> E{Success?}
    E -- Yes, response exists --> F[Return 200 with socket identifier]
    E -- No response value --> G[Return 401 Authentication required]
    D --> H{Error thrown?}
    H -- statusCode 401 or status UNAUTHORIZED --> I[logger.warn + Return 401]
    H -- Other error --> J[logger.error + Return 500]

Reviews (1): Last reviewed commit: "fix(error): catch socket auth error as 4..."

@TheodoreSpeaks TheodoreSpeaks merged commit c833492 into staging Apr 8, 2026
12 checks passed
@TheodoreSpeaks TheodoreSpeaks deleted the debug/socket-error branch April 8, 2026 23:08
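
The error mapping discussed in this thread, as an added TypeScript example that is not the project's route.ts: a thrown value with statusCode 401 or status 'UNAUTHORIZED' becomes a 401 with a fixed body, and anything else stays a 500. The function names, the synchronous `generate` stand-in, the sample errors and the 500 message are assumptions.

```typescript
// Added example: names are hypothetical, not the project's route.ts.
type Level = 'warn' | 'error'
type Reply = { status: number; body: Record<string, string> }
type Log = (level: Level, message: string) => void

// True only for the two shapes named in the review:
// statusCode 401 or status 'UNAUTHORIZED'.
function isUnauthorized(err: unknown): boolean {
  if (typeof err !== 'object' || err === null) return false
  const e = err as Record<string, unknown>
  return e.statusCode === 401 || e.status === 'UNAUTHORIZED'
}

// Map a thrown value to a client reply. The body is a fixed string in both
// branches, so err.message never reaches the client.
function replyForError(err: unknown, log: Log): Reply {
  if (isUnauthorized(err)) {
    log('warn', 'socket token requested without a valid session')
    return { status: 401, body: { error: 'Authentication required' } }
  }
  log('error', 'socket token generation failed')
  // Constructed 500 message; the page does not show the project's wording.
  return { status: 500, body: { error: 'Internal error' } }
}

// generate stands in for the token call; the real one is asynchronous.
function socketToken(generate: () => { token: string } | null, log: Log): Reply {
  try {
    const res = generate()
    if (!res) return { status: 401, body: { error: 'Authentication required' } }
    return { status: 200, body: { token: res.token } }
  } catch (err) {
    return replyForError(err, log)
  }
}

// Constructed sample errors.
const expired = Object.assign(new Error('session expired'), { status: 'UNAUTHORIZED', statusCode: 401 })
const dbDown = new Error('connect ECONNREFUSED 10.0.0.5:5432')

// Statuses for: expired session, unexpected failure, empty result, success.
function demo(): number[] {
  const quiet: Log = () => {}
  return [
    socketToken(() => { throw expired }, quiet).status,
    socketToken(() => { throw dbDown }, quiet).status,
    socketToken(() => null, quiet).status,
    socketToken(() => ({ token: 'constructed-token' }), quiet).status,
  ]
}
```
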