improve errors when logging in with revoked or invalid token

Author: nicktrn

apps/webapp/app/services/personalAccessToken.server.ts

@@ -134,20 +134,27 @@ export async function authenticatePersonalAccessToken(
 
   const hashedToken = hashToken(token);
 
-  const personalAccessToken = await prisma.personalAccessToken.update({
+  const personalAccessToken = await prisma.personalAccessToken.findFirst({
     where: {
       hashedToken,
       revokedAt: null,
     },
-    data: {
-      lastAccessedAt: new Date(),
-    },
   });
 
   if (!personalAccessToken) {
+    // The token may have been revoked or is entirely invalid
     return;
   }
 
+  await prisma.personalAccessToken.update({
+    where: {
+      id: personalAccessToken.id,
+    },
+    data: {
+      lastAccessedAt: new Date(),
+    },
+  });
+
   const decryptedToken = decryptPersonalAccessToken(personalAccessToken);
 
   if (decryptedToken !== token) {