From 9cc7b8fdeb6ceabb344e11524043ddf77e0c7139 Mon Sep 17 00:00:00 2001
From: Fredrik Strand Oseberg <fredrik.no@gmail.com>
Date: Mon, 13 Feb 2023 08:40:04 +0100
Subject: [PATCH] fix: replace assert with error (#3074)

This PR changes the behavior of checking the incoming token on the
`/api/frontend` path. Instead of using assert resulting in a 500 error
we are throwing an error that is caught by the default controller and
emitted back to the user as JSON.

This should be the correct behaviour, since the endpoint can not give
you any meaningful data without the environment that the API token
holds.
---
 src/lib/services/proxy-service.ts | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/src/lib/services/proxy-service.ts b/src/lib/services/proxy-service.ts
index 2f84d32b51..b832990319 100644
--- a/src/lib/services/proxy-service.ts
+++ b/src/lib/services/proxy-service.ts
@@ -15,8 +15,7 @@ import {
     frontendSettingsKey,
 } from '../types/settings/frontend-settings';
 import { validateOrigins } from '../util';
-import { BadDataError } from '../error';
-import assert from 'assert';
+import { BadDataError, InvalidTokenError } from '../error';
 import { minutesToMilliseconds } from 'date-fns';
 
 type Config = Pick<
@@ -159,7 +158,9 @@ export class ProxyService {
     }
 
     private static assertExpectedTokenType({ type }: ApiUser) {
-        assert(type === ApiTokenType.FRONTEND || type === ApiTokenType.ADMIN);
+        if (!(type === ApiTokenType.FRONTEND || type === ApiTokenType.ADMIN)) {
+            throw new InvalidTokenError();
+        }
     }
 
     async setFrontendSettings(