Invalid credentials error message.
This commit is contained in:
parent
7dfbeacd68
commit
71cbb1d519
@ -12,15 +12,15 @@ class AuthD::Request
|
||||
rescue e : DODB::MissingEntry
|
||||
# This lack of proper error message is intentional.
|
||||
# Let attackers try to authenticate themselves with a wrong login.
|
||||
return Response::Error.new "invalid credentials"
|
||||
return Response::ErrorInvalidCredentials.new
|
||||
end
|
||||
|
||||
# This line is basically just to please the Crystal's type system.
|
||||
# No user means DODB::MissingEntry, so it's already covered.
|
||||
return Response::Error.new "invalid credentials" if user.nil?
|
||||
return Response::ErrorInvalidCredentials.new if user.nil?
|
||||
|
||||
if user.password_hash != authd.hash_password @password
|
||||
return Response::Error.new "invalid credentials"
|
||||
return Response::ErrorInvalidCredentials.new
|
||||
end
|
||||
|
||||
user.date_last_connection = Time.local
|
||||
|
@ -59,4 +59,10 @@ class AuthD::Response
|
||||
end
|
||||
end
|
||||
AuthD.responses << ErrorInvalidEmailFormat
|
||||
|
||||
IPC::JSON.message ErrorInvalidCredentials, 29 do
|
||||
def initialize()
|
||||
end
|
||||
end
|
||||
AuthD.responses << ErrorInvalidCredentials
|
||||
end
|
||||
|
Loading…
Reference in New Issue
Block a user