From 35d61d507b5d15f8c3471df23eabb7b04a366063 Mon Sep 17 00:00:00 2001
From: DavisVT <victorojodavid@gmail.com>
Date: Sun, 31 May 2026 12:45:55 +0100
Subject: [PATCH] Add structured warn logs for auth token validation failures

---
 src/middlewares/error.middleware.ts | 12 ++++++++++++
 1 file changed, 12 insertions(+)

diff --git a/src/middlewares/error.middleware.ts b/src/middlewares/error.middleware.ts
index 2846e03..f798662 100644
--- a/src/middlewares/error.middleware.ts
+++ b/src/middlewares/error.middleware.ts
@@ -86,6 +86,12 @@ export const errorHandler: ErrorRequestHandler = (
 
    // Handle JWT errors
    if (err.name === 'JsonWebTokenError') {
+      logger.warn({
+         msg: 'Auth token validation failed',
+         reason: err.message,
+         route: `${req.method} ${sanitizeLogFieldValue(req.originalUrl)}`,
+         requestId: req.requestId,
+      });
       res.status(401).json({
          success: false,
          code: ErrorCode.JWT_ERROR,
@@ -95,6 +101,12 @@ export const errorHandler: ErrorRequestHandler = (
    }
 
    if (err.name === 'TokenExpiredError') {
+      logger.warn({
+         msg: 'Auth token validation failed',
+         reason: 'Token has expired',
+         route: `${req.method} ${sanitizeLogFieldValue(req.originalUrl)}`,
+         requestId: req.requestId,
+      });
       res.status(401).json({
          success: false,
          code: ErrorCode.JWT_ERROR,