improve authentication errors

This commit is contained in:
Johann150 2022-07-18 17:42:14 +02:00
parent 91bdab1a9d
commit edac21e8f7
Signed by untrusted user: Johann150
GPG key ID: 9EE6577A2A06F8F1
2 changed files with 9 additions and 5 deletions

View file

@ -47,11 +47,15 @@ export default (endpoint: IEndpoint, ctx: Koa.Context) => new Promise<void>((res
});
}).catch(e => {
if (e instanceof AuthenticationError) {
reply(403, new ApiError({
message: 'Authentication failed. Please ensure your token is correct.',
ctx.response.status = 403;
ctx.response.set('WWW-Authenticate', 'Bearer');
ctx.response.body = {
message: 'Authentication failed: ' + e.message,
code: 'AUTHENTICATION_FAILED',
id: 'b0a7f5f8-dc2f-4171-b91f-de88ad238e14',
}));
kind: 'client',
};
res();
} else {
reply(500, new ApiError());
}

View file

@ -42,7 +42,7 @@ export default async (authorization: string | null | undefined, bodyToken: strin
() => Users.findOneBy({ token }) as Promise<ILocalUser | null>);
if (user == null) {
throw new AuthenticationError('user not found');
throw new AuthenticationError('unknown token');
}
return [user, null];
@ -56,7 +56,7 @@ export default async (authorization: string | null | undefined, bodyToken: strin
});
if (accessToken == null) {
throw new AuthenticationError('invalid signature');
throw new AuthenticationError('unknown token');
}
AccessTokens.update(accessToken.id, {