From f0b9d27ceeb641ba92b56ab0f527737bbc81882a Mon Sep 17 00:00:00 2001
From: Tiago Yamamoto <japa@rede5.com.br>
Date: Mon, 22 Dec 2025 00:06:06 -0300
Subject: [PATCH] Fix login token guard

---
 marketplace/src/pages/Login.tsx | 3 +++
 marketplace/src/utils/jwt.ts    | 3 ++-
 2 files changed, 5 insertions(+), 1 deletion(-)

diff --git a/marketplace/src/pages/Login.tsx b/marketplace/src/pages/Login.tsx
index 7de83c9..282cede 100644
--- a/marketplace/src/pages/Login.tsx
+++ b/marketplace/src/pages/Login.tsx
@@ -30,6 +30,9 @@ export function LoginPage() {
 
     try {
       const { token } = await authService.login({ username, password })
+      if (!token) {
+        throw new Error('Resposta de login inválida. Verifique o usuário e a senha.')
+      }
       const payload = decodeJwtPayload<{ role?: string }>(token)
       const role = resolveRole(payload?.role)
       login(token, role, username)
diff --git a/marketplace/src/utils/jwt.ts b/marketplace/src/utils/jwt.ts
index a09226c..284e9e0 100644
--- a/marketplace/src/utils/jwt.ts
+++ b/marketplace/src/utils/jwt.ts
@@ -1,7 +1,8 @@
 const toBase64 = (value: string) =>
   value.replace(/-/g, '+').replace(/_/g, '/').padEnd(Math.ceil(value.length / 4) * 4, '=')
 
-export const decodeJwtPayload = <T extends Record<string, unknown>>(token: string): T | null => {
+export const decodeJwtPayload = <T extends Record<string, unknown>>(token?: string): T | null => {
+  if (!token) return null
   const [, payload] = token.split('.')
   if (!payload) return null