Skip to content
Snippets Groups Projects
Commit e27b13ba authored by Alexandre Grison's avatar Alexandre Grison
Browse files

Make the failed login respond a 422

parent 516345ec
Branches
No related tags found
No related merge requests found
Show whitespace changes
Inline Side-by-side
src/main/kotlin/io/realworld/exception/InvalidLoginException.kt 0 → 100644
+ 3
0
View file @ e27b13ba
package io.realworld.exception
class InvalidLoginException(val field: String, val error: String) : RuntimeException()
src/main/kotlin/io/realworld/service/UserService.kt
+ 4
1
View file @ e27b13ba
...@@ -2,12 +2,14 @@ package io.realworld.service ...@@ -2,12 +2,14 @@ package io.realworld.service
import io.jsonwebtoken.Jwts import io.jsonwebtoken.Jwts
import io.jsonwebtoken.SignatureAlgorithm import io.jsonwebtoken.SignatureAlgorithm
import io.realworld.exception.InvalidLoginException
import io.realworld.model.User import io.realworld.model.User
import io.realworld.model.inout.Login import io.realworld.model.inout.Login
import io.realworld.repository.UserRepository import io.realworld.repository.UserRepository
import org.mindrot.jbcrypt.BCrypt import org.mindrot.jbcrypt.BCrypt
import org.springframework.beans.factory.annotation.Value import org.springframework.beans.factory.annotation.Value
import org.springframework.stereotype.Service import org.springframework.stereotype.Service
import org.springframework.validation.Errors
import java.util.* import java.util.*
@Service @Service
...@@ -59,8 +61,9 @@ class UserService(val userRepository: UserRepository, ...@@ -59,8 +61,9 @@ class UserService(val userRepository: UserRepository,
if (BCrypt.checkpw(login.password!!, it.password)) { if (BCrypt.checkpw(login.password!!, it.password)) {
return updateToken(it) return updateToken(it)
} }
throw InvalidLoginException("password", "invalid password")
} }
return null throw InvalidLoginException("email", "unknown email")
} }
} }
src/main/kotlin/io/realworld/web/UserHandler.kt
+ 10
7
View file @ e27b13ba
package io.realworld.web package io.realworld.web
import io.realworld.exception.ForbiddenRequestException import io.realworld.exception.*
import io.realworld.exception.InvalidRequest
import io.realworld.exception.UnauthorizedException
import io.realworld.jwt.ApiKeySecured import io.realworld.jwt.ApiKeySecured
import io.realworld.model.User import io.realworld.model.User
import io.realworld.model.inout.Login import io.realworld.model.inout.Login
...@@ -25,11 +23,16 @@ class UserHandler(val repository: UserRepository, ...@@ -25,11 +23,16 @@ class UserHandler(val repository: UserRepository,
fun login(@Valid @RequestBody login: Login, errors: Errors): Any { fun login(@Valid @RequestBody login: Login, errors: Errors): Any {
InvalidRequest.check(errors) InvalidRequest.check(errors)
try {
service.login(login)?.let { service.login(login)?.let {
return view(service.updateToken(it)) return view(service.updateToken(it))
} }
return ForbiddenRequestException()
throw ForbiddenRequestException() } catch (e: InvalidLoginException) {
val errors = org.springframework.validation.BindException(this, "")
errors.addError(FieldError("", e.field, e.error))
throw InvalidException(errors)
}
} }
@PostMapping("/api/users") @PostMapping("/api/users")
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment

Hosted with :heart: by KSZK