From 3081757536b6450a66a18f5d5b5ec7006c7e3a23 Mon Sep 17 00:00:00 2001
From: Pierre HUBERT
Date: Tue, 18 Mar 2025 22:48:17 +0100
Subject: [PATCH] Return proper error when user authentication cannot be verified
---
 moneymgr_backend/src/extractors/auth_extractor.rs | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)
diff --git a/moneymgr_backend/src/extractors/auth_extractor.rs b/moneymgr_backend/src/extractors/auth_extractor.rs
index 023000f..3e3f8ab 100644
--- a/moneymgr_backend/src/extractors/auth_extractor.rs
+++ b/moneymgr_backend/src/extractors/auth_extractor.rs
@@ -3,7 +3,7 @@ use crate::extractors::money_session::MoneySession;
 use crate::models::users::User;
 use crate::services::users_service;
 use actix_web::dev::Payload;
-use actix_web::error::ErrorUnauthorized;
+use actix_web::error::ErrorPreconditionFailed;
 use actix_web::{Error, FromRequest, HttpRequest};
 #[derive(Debug, Clone)]
@@ -31,7 +31,7 @@ impl FromRequest for AuthExtractor {
 if let Some(email) = &AppConfig::get().unsecure_auto_login_email {
 let user = users_service::get_user_by_email(email).map_err(|e| {
 log::error!("Failed to retrieve dev user: {e}");
- ErrorUnauthorized("Unable to retrieve dev user!")
+ ErrorPreconditionFailed("Unable to retrieve dev user!")
 })?;
 return Ok(Self {
 method: AuthenticatedMethod::Dev,
@@ -43,11 +43,11 @@ impl FromRequest for AuthExtractor {
 let session = MoneySession::extract(&req).await?;
 if let Some(user_id) = session.current_user().map_err(|e| {
 log::error!("Failed to retrieve user id: {e}");
- ErrorUnauthorized("Failed to read session information!")
+ ErrorPreconditionFailed("Failed to read session information!")
 })? {
 let user = users_service::get_user_by_id(user_id).map_err(|e| {
 log::error!("Failed to retrieve user from cookie session: {e}");
- ErrorUnauthorized("Failed to retrieve user information!")
+ ErrorPreconditionFailed("Failed to retrieve user information!")
 })?;
 return Ok(Self {
 method: AuthenticatedMethod::Cookie,
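Review bot: The `unsecure_auto_login_email` branch in the `@@ -31,7 +31,7 @@` hunk authenticates every request as the configured account, and nothing visible in the hunk restricts it to development builds; the enclosing block starts and ends outside the hunk, so a guard may exist elsewhere. If none does, I would gate the branch on `cfg!(debug_assertions)` or refuse to start a release build with the option set. A comment above the branch would also help, for example `// DEV ONLY: bypasses authentication for every request; must never be set in production.`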
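Review bot: Both `map_err` closures in the `@@ -43,11 +43,11 @@` hunk map a backend failure (session read error, user lookup error) to the same 412 that the extractor returns for a request with no session, so clients and alerting cannot tell a storage outage from a logged-out user. These are server-side faults and would normally surface as 500, e.g. `ErrorInternalServerError("Failed to read session information!")` with the matching import; the dev-user lookup in the `@@ -31,7 +31,7 @@` hunk has the same shape. If `get_user_by_id` also returns an error when the session points at a deleted account (not visible here), that case deserves its own branch that drops the session and falls through to the unauthenticated response. The enclosing block starts and ends outside the hunk.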
@@ -55,7 +55,7 @@ impl FromRequest for AuthExtractor {
 });
 };
- Err(ErrorUnauthorized("Authentication required!"))
+ Err(ErrorPreconditionFailed("Authentication required!"))
 })
 }
 }
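Review bot: The final fallthrough `Err(ErrorPreconditionFailed("Authentication required!"))` is the ordinary no-credentials case rather than a verification failure, and it now answers 412 where HTTP defines 401. 412 is specified for failed conditional request headers (`If-Match`, `If-Unmodified-Since`), so API clients, gateways and log-based detections that count 401 responses as failed authentication will no longer see these requests. Unless the front end depends on 412 (not visible in this patch), I would keep `Err(ErrorUnauthorized("Authentication required!"))` on this line regardless of what the error paths return. Either way, a one-line comment stating why this status was chosen would help the next reader. The enclosing block begins outside the hunk.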