Return proper error when user authentication cannot be verified
@ -3,7 +3,7 @@ use crate::extractors::money_session::MoneySession;
|
|||||||
use crate::models::users::User;
|
use crate::models::users::User;
|
||||||
use crate::services::users_service;
|
use crate::services::users_service;
|
||||||
use actix_web::dev::Payload;
|
use actix_web::dev::Payload;
|
||||||
use actix_web::error::ErrorUnauthorized;
|
use actix_web::error::ErrorPreconditionFailed;
|
||||||
use actix_web::{Error, FromRequest, HttpRequest};
|
use actix_web::{Error, FromRequest, HttpRequest};
|
||||||
|
|
||||||
#[derive(Debug, Clone)]
|
#[derive(Debug, Clone)]
|
||||||
@ -31,7 +31,7 @@ impl FromRequest for AuthExtractor {
|
|||||||
if let Some(email) = &AppConfig::get().unsecure_auto_login_email {
|
if let Some(email) = &AppConfig::get().unsecure_auto_login_email {
|
||||||
let user = users_service::get_user_by_email(email).map_err(|e| {
|
let user = users_service::get_user_by_email(email).map_err(|e| {
|
||||||
log::error!("Failed to retrieve dev user: {e}");
|
log::error!("Failed to retrieve dev user: {e}");
|
||||||
ErrorUnauthorized("Unable to retrieve dev user!")
|
ErrorPreconditionFailed("Unable to retrieve dev user!")
|
||||||
})?;
|
})?;
|
||||||
return Ok(Self {
|
return Ok(Self {
|
||||||
method: AuthenticatedMethod::Dev,
|
method: AuthenticatedMethod::Dev,
|
||||||
@ -43,11 +43,11 @@ impl FromRequest for AuthExtractor {
|
|||||||
let session = MoneySession::extract(&req).await?;
|
let session = MoneySession::extract(&req).await?;
|
||||||
if let Some(user_id) = session.current_user().map_err(|e| {
|
if let Some(user_id) = session.current_user().map_err(|e| {
|
||||||
log::error!("Failed to retrieve user id: {e}");
|
log::error!("Failed to retrieve user id: {e}");
|
||||||
ErrorUnauthorized("Failed to read session information!")
|
ErrorPreconditionFailed("Failed to read session information!")
|
||||||
})? {
|
})? {
|
||||||
let user = users_service::get_user_by_id(user_id).map_err(|e| {
|
let user = users_service::get_user_by_id(user_id).map_err(|e| {
|
||||||
log::error!("Failed to retrieve user from cookie session: {e}");
|
log::error!("Failed to retrieve user from cookie session: {e}");
|
||||||
ErrorUnauthorized("Failed to retrieve user information!")
|
ErrorPreconditionFailed("Failed to retrieve user information!")
|
||||||
})?;
|
})?;
|
||||||
return Ok(Self {
|
return Ok(Self {
|
||||||
method: AuthenticatedMethod::Cookie,
|
method: AuthenticatedMethod::Cookie,
|
||||||
@ -55,7 +55,7 @@ impl FromRequest for AuthExtractor {
|
|||||||
});
|
});
|
||||||
};
|
};
|
||||||
|
|
||||||
Err(ErrorUnauthorized("Authentication required!"))
|
Err(ErrorPreconditionFailed("Authentication required!"))
|
||||||
})
|
})
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
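Review bot: The fall-through at the end of the `FromRequest` impl for `AuthExtractor`, `Err(ErrorPreconditionFailed("Authentication required!"))`, is the plain "no session presented" case and should keep answering 401, reading the second line of each printed pair as the new side. 412 is defined for failed conditional-request headers, so clients will not treat it as a prompt to log in, and any access-log alerting or rate limiting that counts 401/403 responses to spot credential guessing would stop seeing these requests. I would import both with `use actix_web::error::{ErrorPreconditionFailed, ErrorUnauthorized};` and leave this line as `Err(ErrorUnauthorized("Authentication required!"))`, keeping the new status for the three `map_err` paths where the lookup itself failed. If 412 stays on those paths, a one-line comment above each closure saying why a failed user or session lookup is not reported as 401 or a 5xx would help the next reader. The enclosing function starts outside the visible hunks.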