Standardize response codes in Login (#6787)

* standardizing login response codes

* playwright fix

* added translation
pull/6807/head^2
Syed Ali Shahbaz 2023-01-31 00:07:03 +05:30 committed by GitHub
parent 1be6f192d4
commit a4bed48eaf
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
5 changed files with 11 additions and 8 deletions


@ -72,8 +72,9 @@ const providers: Provider[] = [
},
});
// Don't leak information about it being username or password that is invalid
if (!user) {
throw new Error(ErrorCode.UserNotFound);
throw new Error(ErrorCode.IncorrectUsernamePassword);
}
if (user.identityProvider !== IdentityProvider.CAL) {
@ -81,12 +82,12 @@ const providers: Provider[] = [
}
if (!user.password) {
throw new Error(ErrorCode.UserMissingPassword);
throw new Error(ErrorCode.IncorrectUsernamePassword);
}
const isCorrectPassword = await verifyPassword(credentials.password, user.password);
if (!isCorrectPassword) {
throw new Error(ErrorCode.IncorrectPassword);
throw new Error(ErrorCode.IncorrectUsernamePassword);
}
if (user.twoFactorEnabled) {
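Review bot: The `!user` and `!user.password` branches still throw before `verifyPassword` runs, so although all three failures now return `ErrorCode.IncorrectUsernamePassword`, response time can still separate a registered address from an unregistered one. Consider always doing the hash comparison, e.g. `const ok = await verifyPassword(credentials.password, user?.password ?? DUMMY_PASSWORD_HASH);` (where `DUMMY_PASSWORD_HASH` is a placeholder for a fixed, valid hash defined once), and throwing the shared code afterwards. The `user.identityProvider !== IdentityProvider.CAL` check at the end of the first hunk also runs before the password is verified; its body is outside the hunk, so whether it still returns a distinct code should be confirmed. The provider callback starts and ends outside both hunks.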


@ -9,6 +9,7 @@ import { FaGoogle } from "react-icons/fa";
import { SAMLLogin } from "@calcom/features/auth/SAMLLogin";
import { isSAMLLoginEnabled, samlProductID, samlTenantID } from "@calcom/features/ee/sso/lib/saml";
import { ErrorCode, getSession } from "@calcom/lib/auth";
import { WEBAPP_URL, WEBSITE_URL } from "@calcom/lib/constants";
import { getSafeRedirectUrl } from "@calcom/lib/getSafeRedirectUrl";
import { useLocale } from "@calcom/lib/hooks/useLocale";
@ -17,7 +18,6 @@ import prisma from "@calcom/prisma";
import { Alert, Button, EmailField, PasswordField } from "@calcom/ui";
import { FiArrowLeft } from "@calcom/ui/components/icon";
import { ErrorCode, getSession } from "@lib/auth";
import { inferSSRProps } from "@lib/types/inferSSRProps";
import AddToHomescreen from "@components/AddToHomescreen";
@ -52,8 +52,8 @@ export default function Login({
const errorMessages: { [key: string]: string } = {
// [ErrorCode.SecondFactorRequired]: t("2fa_enabled_instructions"),
[ErrorCode.IncorrectPassword]: `${t("incorrect_password")} ${t("please_try_again")}`,
[ErrorCode.UserNotFound]: t("no_account_exists"),
// Don't leak information about whether an email is registered or not
[ErrorCode.IncorrectUsernamePassword]: t("incorrect_username_password"),
[ErrorCode.IncorrectTwoFactorCode]: `${t("incorrect_2fa_code")} ${t("please_try_again")}`,
[ErrorCode.InternalServerError]: `${t("something_went_wrong")} ${t("please_try_again_and_contact_us")}`,
[ErrorCode.ThirdPartyIdentityProviderEnabled]: t("account_created_with_identity_provider"),
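Review bot: The new comment above `[ErrorCode.IncorrectUsernamePassword]` says the page does not reveal whether an email is registered, but the last line of the hunk still maps `ErrorCode.ThirdPartyIdentityProviderEnabled` to `t("account_created_with_identity_provider")`, which confirms that an account exists for the submitted address. If that is an accepted trade-off for SSO users, narrow the comment so it does not overstate the guarantee, e.g. `// Same message for unknown user and wrong password; the identity-provider message below still confirms an account exists`. Otherwise that code should presumably fold into the generic message as well. `Login`'s body starts and ends outside the hunk.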


@ -60,7 +60,7 @@ test.describe("Login and logout tests", () => {
test.describe("Login flow validations", async () => {
test("Should warn when user does not exist", async ({ page }) => {
const alertMessage = (await localize("en"))("no_account_exists");
const alertMessage = (await localize("en"))("incorrect_username_password");
// Login with a non-existent user
const never = "never";
@ -71,7 +71,7 @@ test.describe("Login and logout tests", () => {
});
test("Should warn when password is incorrect", async ({ page, users }) => {
const alertMessage = (await localize("en"))("incorrect_password");
const alertMessage = (await localize("en"))("incorrect_username_password");
// by default password===username with the users fixture
const pro = await users.create({ username: "pro" });
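Review bot: Both tests now look up `incorrect_username_password` separately, so nothing pins the property this commit is after: that an unknown user and a wrong password produce the same alert. The third path folded into the shared code, an account with no password set, has no test here at all. A short comment on each test such as `// must stay identical to the other failure case, see ErrorCode.IncorrectUsernamePassword` would make the intent explicit. If the `users` fixture can create a passwordless account, a third case would close the gap. Both test bodies continue outside their hunks.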


@ -431,6 +431,7 @@
"password_hint_num": "Contain at least 1 number",
"invalid_password_hint": "The password must be a minimum of 7 characters long containing at least one number and have a mixture of uppercase and lowercase letters",
"incorrect_password": "Password is incorrect.",
"incorrect_username_password": "Username or password is incorrect.",
"24_h": "24h",
"use_setting": "Use setting",
"am_pm": "am/pm",


@ -73,6 +73,7 @@ export const ensureSession = async (ctxOrReq: CtxOrReq) => {
};
export enum ErrorCode {
IncorrectUsernamePassword = "incorrect-username-password",
UserNotFound = "user-not-found",
IncorrectPassword = "incorrect-password",
UserMissingPassword = "missing-password",
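Review bot: `UserNotFound`, `IncorrectPassword` and `UserMissingPassword` stay in the exported enum next to the new `IncorrectUsernamePassword`, so a later change can throw them from the login path again and bring the distinguishable responses back. If nothing else uses them, remove them; otherwise mark each with a doc comment such as `/** @deprecated login must use IncorrectUsernamePassword so responses stay indistinguishable */`. The enum body continues outside the hunk, so other members were not reviewed.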