Author: Adam <git@apiote.tk>
show error 401 instead of 403 on empty token
i18n/en-GB.toml | 4 ++++ libamuse/account.go | 3 +-- router.go | 1 + templates/error.html | 7 +++++++
diff --git a/i18n/en-GB.toml b/i18n/en-GB.toml index 7223988e27750c63124c951d0a8eb902894fedc0..3c46225631b4d5c5b863400b1bd5f8d422091031 100644 --- a/i18n/en-GB.toml +++ b/i18n/en-GB.toml @@ -183,6 +183,10 @@ 400_quote ="‘Wenk wenk.’" 400_character = "Gunter" 400_title = "Adventure Time" 400_name = "Bad request" +401_quote = "‘Who do you think you are, Pilgrim?’" +401_character = "Gideon Gordon Graves" +401_title = "Scott Pilgrim vs. the World" +401_name = "Unauthorized" 404_quote = "‘I couln’t find my Buzz. I know I left him right there.’" 404_character = "Andy" 404_title = "Toy Story" diff --git a/libamuse/account.go b/libamuse/account.go index 847c4301a30bd84d44e2597874b2bbb0ed4e8274..700c77811fcbe5c566aaa7ba6c18fd43270cb37e 100644 --- a/libamuse/account.go +++ b/libamuse/account.go @@ -16,8 +16,7 @@ ) func VerifyAuthToken(token accounts.Authentication) (accounts.User, error) { if token.Token == "" { - fmt.Fprintf(os.Stderr, "Empty token\n") - return accounts.User{}, nil + return accounts.User{}, accounts.AuthError{Err: errors.New("401")} } session, err := db.GetSession(token.Token) if err != nil { diff --git a/router.go b/router.go index 71772443b91926905b3d8951d71ce4e0f1149b94..3047e0319638c6f45e182a87c722e8e0b035d3ef 100644 --- a/router.go +++ b/router.go @@ -454,6 +454,7 @@ } else if httpError, ok := e.(network.HttpError); ok { renderError(httpError.Status, w, httpError, languages, mimetype) } else if authError, ok := e.(accounts.AuthError); ok { if authError.Err.Error() == "401" { + w.Header().Add("WWW-Authenticate", "Bearer") renderError(401, w, e, languages, mimetype) } else { renderError(403, w, e, languages, mimetype) diff --git a/templates/error.html b/templates/error.html index 33af7820fd0a8a292f93ab4671da62d6848a3a2f..ed33ac306c8607ef68ffb00d52cf6bda118bea99 100644 --- a/templates/error.html +++ b/templates/error.html @@ -25,6 +25,13 @@<p>{{.GetErrorData .Data "quote"}}</p> <p class="indent-2 sans">—{{.GetErrorData .Data "character"}} (<span class="italic sans">{{.GetErrorData .Data "title"}}</span>)</p> </div> + {{if eq .Data 401}} + <div> + <a href="/login" class="sans">Log in</a> + — + <a href="/signup" class="sans">Sign up</a> + </div> + {{end}} </div> </div> </main>