Update main.py

main.py

@@ -181,19 +181,31 @@ async def landing(request: Request):
 
 # Your other routes and app configuration go here
 
+from starlette.status import HTTP_401_UNAUTHORIZED, HTTP_400_BAD_REQUEST
+from jwt import ExpiredSignatureError, InvalidTokenError  # Ensure you've imported these
+
 @app.get("/login", response_class=HTMLResponse)
-async def login(request: Request, token: Optional[str] = Depends(oauth2_scheme, use_cache=False)):
-    # Check if user is already authenticated
-    if token:
+async def login(request: Request, db: Session = Depends(get_db)):
+    # Try to retrieve the access token from the cookie
+    access_token = request.cookies.get("access_token")
+
+    if access_token:
         try:
-            # Verify the token (you should have a function similar to 'verify_token')
-            user_email = verify_token(token)
+            # Remove the 'Bearer ' prefix and verify the token
+            user_email = verify_token(access_token.split("Bearer ")[1])
             if user_email:
                 # If token is valid, redirect to /protected
                 return RedirectResponse(url="/protected")
+        except ExpiredSignatureError:
+            # Token has expired. You could redirect to the login page or inform the user
+            raise HTTPException(status_code=HTTP_401_UNAUTHORIZED, detail="Token expired")
+        except InvalidTokenError:
+            # Token is invalid, inform the user or redirect
+            raise HTTPException(status_code=HTTP_400_BAD_REQUEST, detail="Invalid token")
         except Exception as e:
-            # Handle token verification errors (e.g., token expired)
-            pass
+            # General exception, log this exception for debugging
+            # Respond with a generic error message
+            raise HTTPException(status_code=HTTP_400_BAD_REQUEST, detail="An error occurred")
 
     # If not authenticated, show the login page
     return templates.TemplateResponse("login.html", {"request": request})