From edac21e8f73fccd6da204b8bca08318d8762a9ee Mon Sep 17 00:00:00 2001 From: Johann150 Date: Mon, 18 Jul 2022 17:42:14 +0200 Subject: [PATCH] improve authentication errors --- packages/backend/src/server/api/api-handler.ts | 10 +++++++--- packages/backend/src/server/api/authenticate.ts | 4 ++-- 2 files changed, 9 insertions(+), 5 deletions(-) diff --git a/packages/backend/src/server/api/api-handler.ts b/packages/backend/src/server/api/api-handler.ts index 9146b2180..956096367 100644 --- a/packages/backend/src/server/api/api-handler.ts +++ b/packages/backend/src/server/api/api-handler.ts @@ -47,11 +47,15 @@ export default (endpoint: IEndpoint, ctx: Koa.Context) => new Promise((res }); }).catch(e => { if (e instanceof AuthenticationError) { - reply(403, new ApiError({ - message: 'Authentication failed. Please ensure your token is correct.', + ctx.response.status = 403; + ctx.response.set('WWW-Authenticate', 'Bearer'); + ctx.response.body = { + message: 'Authentication failed: ' + e.message, code: 'AUTHENTICATION_FAILED', id: 'b0a7f5f8-dc2f-4171-b91f-de88ad238e14', - })); + kind: 'client', + }; + res(); } else { reply(500, new ApiError()); } diff --git a/packages/backend/src/server/api/authenticate.ts b/packages/backend/src/server/api/authenticate.ts index 192f20ebc..39be06c29 100644 --- a/packages/backend/src/server/api/authenticate.ts +++ b/packages/backend/src/server/api/authenticate.ts @@ -42,7 +42,7 @@ export default async (authorization: string | null | undefined, bodyToken: strin () => Users.findOneBy({ token }) as Promise); if (user == null) { - throw new AuthenticationError('user not found'); + throw new AuthenticationError('unknown token'); } return [user, null]; @@ -56,7 +56,7 @@ export default async (authorization: string | null | undefined, bodyToken: strin }); if (accessToken == null) { - throw new AuthenticationError('invalid signature'); + throw new AuthenticationError('unknown token'); } AccessTokens.update(accessToken.id, {