Invalid credentials error message.

2023-06-14 01:51:55 +02:00 · 2023-06-14 01:51:55 +02:00 · 71cbb1d519
parent 7dfbeacd68
commit 71cbb1d519
2 changed files with 9 additions and 3 deletions
--- a/src/requests/login.cr
+++ b/src/requests/login.cr
@ -12,15 +12,15 @@ class AuthD::Request
 			rescue e : DODB::MissingEntry
 				# This lack of proper error message is intentional.
 				# Let attackers try to authenticate themselves with a wrong login.
-				return Response::Error.new "invalid credentials"
+				return Response::ErrorInvalidCredentials.new
 			end

 			# This line is basically just to please the Crystal's type system.
 			# No user means DODB::MissingEntry, so it's already covered.
-			return Response::Error.new "invalid credentials" if user.nil?
+			return Response::ErrorInvalidCredentials.new if user.nil?

 			if user.password_hash != authd.hash_password @password
-				return Response::Error.new "invalid credentials"
+				return Response::ErrorInvalidCredentials.new
 			end

 			user.date_last_connection = Time.local
--- a/src/responses/errors.cr
+++ b/src/responses/errors.cr
@ -59,4 +59,10 @@ class AuthD::Response
 		end
 	end
 	AuthD.responses << ErrorInvalidEmailFormat
+
+	IPC::JSON.message ErrorInvalidCredentials, 29 do
+		def initialize()
+		end
+	end
+	AuthD.responses << ErrorInvalidCredentials
 end