SecurityExceptionView and related work in JwtFilter.

src/main/java/app/mealsmadeeasy/api/recipe/RecipeController.java

@@ -24,7 +24,7 @@ public class RecipeController {
         this.recipeService = recipeService;
     }
 
-    @ExceptionHandler
+    @ExceptionHandler(RecipeException.class)
     public ResponseEntity<RecipeExceptionView> onRecipeException(RecipeException recipeException) {
         final HttpStatus status = switch (recipeException.getType()) {
             case INVALID_ID, INVALID_USERNAME_OR_SLUG -> HttpStatus.NOT_FOUND;

src/main/java/app/mealsmadeeasy/api/security/JwtFilter.java

@@ -1,10 +1,14 @@
 package app.mealsmadeeasy.api.security;
 
 import app.mealsmadeeasy.api.jwt.JwtService;
+import com.fasterxml.jackson.databind.ObjectMapper;
+import io.jsonwebtoken.security.SecurityException;
 import jakarta.servlet.FilterChain;
 import jakarta.servlet.ServletException;
 import jakarta.servlet.http.HttpServletRequest;
 import jakarta.servlet.http.HttpServletResponse;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
 import org.springframework.context.annotation.Lazy;
 import org.springframework.http.HttpHeaders;
 import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
@@ -21,12 +25,16 @@ import java.io.IOException;
 @Component
 public final class JwtFilter extends OncePerRequestFilter {
 
+    private static final Logger logger = LoggerFactory.getLogger(JwtFilter.class);
+
     private final UserDetailsService userDetailsService;
     private final JwtService jwtService;
+    private final ObjectMapper objectMapper;
 
-    public JwtFilter(UserDetailsService userDetailsService, JwtService jwtService) {
+    public JwtFilter(UserDetailsService userDetailsService, JwtService jwtService, ObjectMapper objectMapper) {
         this.userDetailsService = userDetailsService;
         this.jwtService = jwtService;
+        this.objectMapper = objectMapper;
     }
 
     @Override
@@ -38,10 +46,18 @@ public final class JwtFilter extends OncePerRequestFilter {
             return;
         }
 
-        if (authorizationHeader.startsWith("Bearer ")
+        if (authorizationHeader.startsWith("Bearer ") && authorizationHeader.length() > 7) {
-                && authorizationHeader.length() > 7) {
             final String token = authorizationHeader.substring(7);
-            final String username = this.jwtService.getSubject(token);
+            final String username;
+            try {
+                username = this.jwtService.getSubject(token);
+            } catch (SecurityException e) {
+                logger.error("Error while getting username from token.", e);
+                final SecurityExceptionView view = new SecurityExceptionView(401, e.getMessage());
+                response.setStatus(401);
+                response.getWriter().write(this.objectMapper.writeValueAsString(view));
+                return;
+            }
             final UserDetails userDetails = this.userDetailsService.loadUserByUsername(username);
             final var authenticationToken = new UsernamePasswordAuthenticationToken(
                     userDetails,

src/main/java/app/mealsmadeeasy/api/security/SecurityExceptionView.java

@@ -0,0 +1,21 @@
+package app.mealsmadeeasy.api.security;
+
+public class SecurityExceptionView {
+
+    private final int status;
+    private final String message;
+
+    public SecurityExceptionView(int status, String message) {
+        this.status = status;
+        this.message = message;
+    }
+
+    public int getStatus() {
+        return this.status;
+    }
+
+    public String getMessage() {
+        return this.message;
+    }
+
+}