twentyhq · munch-lax · Dec 12, 2024 · Dec 18, 2024 · greptile-apps · Dec 12, 2024
diff --git a/packages/twenty-server/src/engine/core-modules/file/guards/file-path-guard.ts b/packages/twenty-server/src/engine/core-modules/file/guards/file-path-guard.ts
@@ -5,6 +5,7 @@ import {
   HttpStatus,
   Injectable,
 } from '@nestjs/common';
+import { AuthException, AuthExceptionCode } from 'src/engine/core-modules/auth/auth.exception';
 
 import { JwtWrapperService } from 'src/engine/core-modules/jwt/services/jwt-wrapper.service';
 
@@ -15,20 +16,31 @@ export class FilePathGuard implements CanActivate {
   async canActivate(context: ExecutionContext): Promise<boolean> {
     const request = context.switchToHttp().getRequest();
     const query = request.query;
-
+    
     if (!query || !query['token']) {
       return false;
     }
-
-    const payload = await this.jwtWrapperService.verifyWorkspaceToken(
+    let payload:any ={}
+    try{
+     payload = await this.jwtWrapperService.verifyWorkspaceToken(
       query['token'],
       'FILE',
-    );
-
+    )
+  }catch (error) {
+    if(error instanceof AuthException && error.code === AuthExceptionCode.UNAUTHENTICATED ){
+      return false
+    }
+    else{
+      throw new AuthException(
+        'TOKEN VERIFICATION FAILED',
+        AuthExceptionCode.INTERNAL_SERVER_ERROR,
+      );
+    }
+  }
     if (!payload.workspaceId) {
       return false;
     }
-
+    
     const decodedPayload = await this.jwtWrapperService.decode(query['token'], {
       json: true,
     });