From 45162d84349fae0c5ef79fc9c844edfbc8abe144 Mon Sep 17 00:00:00 2001
From: Philippe PITTOLI
Date: Tue, 10 Dec 2019 04:50:36 +0100
Subject: [PATCH] Less cryptic unauthorized error messages (ListUsers)
---
src/main.cr | 8 ++++----
1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/src/main.cr b/src/main.cr
index 6633f91..56ee235 100644
--- a/src/main.cr
+++ b/src/main.cr
@@ -113,16 +113,16 @@ class AuthD::Service
request.token.try do |token|
user = get_user_from_token token
- return Response::Error.new "unauthorized" unless user
+ return Response::Error.new "unauthorized (user not found from token)" unless user
- return Response::Error.new "unauthorized" unless user.groups.any? &.==("authd")
+ return Response::Error.new "unauthorized (user not in authd group)" unless user.groups.any? &.==("authd")
end
request.key.try do |key|
- return Response::Error.new "unauthorized" unless key == @jwt_key
+ return Response::Error.new "unauthorized (wrong shared key)" unless key == @jwt_key
end
- return Response::Error.new "unauthorized" unless request.key || request.token
+ return Response::Error.new "unauthorized (no key nor token)" unless request.key || request.token
Response::UsersList.new @passwd.get_all_users
else