mirrors/hedgedoc
1
0
Fork 0
mirror of https://github.com/hedgedoc/hedgedoc.git synced 2025-05-13 22:54:42 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions

Change error types in checkLocalPassword and updateLocalPassword to InvalidCredentialsError and NoLocalIdentityError

Browse source 
Signed-off-by: Yannick Bungers <git@innay.de>
This commit is contained in:
Yannick Bungers 2022-01-06 21:59:46 +01:00 committed by David Mehren
parent f39315ea7b
commit b562a5dac7
No known key found for this signature in database
GPG key ID: 185982BA4C42B7C3
4 changed files with 38 additions and 15 deletions
Download patch file Download diff file Expand all files Collapse all files

15
src/api/private/auth/auth.controller.ts
View file

@ -17,7 +17,11 @@ import {
} from '@nestjs/common'; } from '@nestjs/common';
import { Session } from 'express-session'; import { Session } from 'express-session';
import { AlreadyInDBError, NotInDBError } from '../../../errors/errors'; import {
AlreadyInDBError,
InvalidCredentialsError,
NoLocalIdentityError,
} from '../../../errors/errors';
import { IdentityService } from '../../../identity/identity.service'; import { IdentityService } from '../../../identity/identity.service';
import { LocalAuthGuard } from '../../../identity/local/local.strategy'; import { LocalAuthGuard } from '../../../identity/local/local.strategy';
import { LoginDto } from '../../../identity/local/login.dto'; import { LoginDto } from '../../../identity/local/login.dto';
@ -80,10 +84,11 @@ export class AuthController {
); );
return; return;
} catch (e) { } catch (e) {
if (e instanceof NotInDBError) { if (e instanceof InvalidCredentialsError) {
throw new UnauthorizedException( throw new UnauthorizedException('Password is not correct');
'Verifying your identity with the current password did not work.', }
); if (e instanceof NoLocalIdentityError) {
throw new BadRequestException('User has no local identity.');
} }
throw e; throw e;
} }

8
src/errors/errors.ts
View file

@ -43,3 +43,11 @@ export class MediaBackendError extends Error {
export class PrimaryAliasDeletionForbiddenError extends Error { export class PrimaryAliasDeletionForbiddenError extends Error {
name = 'PrimaryAliasDeletionForbiddenError'; name = 'PrimaryAliasDeletionForbiddenError';
} }
export class InvalidCredentialsError extends Error {
name = 'InvalidCredentialsError';
}
export class NoLocalIdentityError extends Error {
name = 'NoLocalIdentityError';
}

18
src/identity/identity.service.ts
View file

@ -8,7 +8,10 @@ import { InjectRepository } from '@nestjs/typeorm';
import { Repository } from 'typeorm'; import { Repository } from 'typeorm';
import authConfiguration, { AuthConfig } from '../config/auth.config'; import authConfiguration, { AuthConfig } from '../config/auth.config';
import { NotInDBError } from '../errors/errors'; import {
InvalidCredentialsError,
NoLocalIdentityError,
} from '../errors/errors';
import { ConsoleLoggerService } from '../logger/console-logger.service'; import { ConsoleLoggerService } from '../logger/console-logger.service';
import { User } from '../users/user.entity'; import { User } from '../users/user.entity';
import { checkPassword, hashPassword } from '../utils/password'; import { checkPassword, hashPassword } from '../utils/password';
@ -46,7 +49,7 @@ export class IdentityService {
* Update the internal password of the specified the user * Update the internal password of the specified the user
* @param {User} user - the user, which identity should be updated * @param {User} user - the user, which identity should be updated
* @param {string} newPassword - the new password * @param {string} newPassword - the new password
* @throws {NotInDBError} the specified user has no internal identity * @throws {NoLocalIdentityError} the specified user has no internal identity
* @return {Identity} the changed identity * @return {Identity} the changed identity
*/ */
async updateLocalPassword( async updateLocalPassword(
@ -60,7 +63,7 @@ export class IdentityService {
`The user with the username ${user.username} does not have a internal identity.`, `The user with the username ${user.username} does not have a internal identity.`,
'updateLocalPassword', 'updateLocalPassword',
); );
throw new NotInDBError('This user has no internal identity.'); throw new NoLocalIdentityError('This user has no internal identity.');
} }
internalIdentity.passwordHash = await hashPassword(newPassword); internalIdentity.passwordHash = await hashPassword(newPassword);
return await this.identityRepository.save(internalIdentity); return await this.identityRepository.save(internalIdentity);
@ -68,10 +71,11 @@ export class IdentityService {
/** /**
* @async * @async
* Login the user with their username and password * Checks if the user and password combination matches
* @param {User} user - the user to use * @param {User} user - the user to use
* @param {string} password - the password to use * @param {string} password - the password to use
* @throws {NotInDBError} the specified user can't be logged in * @throws {InvalidCredentialsError} the password and user do not match
* @throws {NoLocalIdentityError} the specified user has no internal identity
*/ */
async checkLocalPassword(user: User, password: string): Promise<void> { async checkLocalPassword(user: User, password: string): Promise<void> {
const internalIdentity: Identity | undefined = const internalIdentity: Identity | undefined =
@ -81,14 +85,14 @@ export class IdentityService {
`The user with the username ${user.username} does not have a internal identity.`, `The user with the username ${user.username} does not have a internal identity.`,
'checkLocalPassword', 'checkLocalPassword',
); );
throw new NotInDBError(); throw new NoLocalIdentityError();
} }
if (!(await checkPassword(password, internalIdentity.passwordHash ?? ''))) { if (!(await checkPassword(password, internalIdentity.passwordHash ?? ''))) {
this.logger.debug( this.logger.debug(
`Password check for ${user.username} did not succeed.`, `Password check for ${user.username} did not succeed.`,
'checkLocalPassword', 'checkLocalPassword',
); );
throw new NotInDBError(); throw new InvalidCredentialsError();
} }
} }
} }

12
src/identity/local/local.strategy.ts
View file

@ -7,7 +7,10 @@ import { Injectable, UnauthorizedException } from '@nestjs/common';
import { AuthGuard, PassportStrategy } from '@nestjs/passport'; import { AuthGuard, PassportStrategy } from '@nestjs/passport';
import { Strategy } from 'passport-local'; import { Strategy } from 'passport-local';
import { NotInDBError } from '../../errors/errors'; import {
InvalidCredentialsError,
NoLocalIdentityError,
} from '../../errors/errors';
import { UserRelationEnum } from '../../users/user-relation.enum'; import { UserRelationEnum } from '../../users/user-relation.enum';
import { User } from '../../users/user.entity'; import { User } from '../../users/user.entity';
import { UsersService } from '../../users/users.service'; import { UsersService } from '../../users/users.service';
@ -33,9 +36,12 @@ export class LocalStrategy extends PassportStrategy(Strategy, 'local') {
await this.identityService.checkLocalPassword(user, password); await this.identityService.checkLocalPassword(user, password);
return user; return user;
} catch (e) { } catch (e) {
if (e instanceof NotInDBError) { if (
e instanceof InvalidCredentialsError ||
e instanceof NoLocalIdentityError
) {
throw new UnauthorizedException( throw new UnauthorizedException(
'This username and password combination did not work.', 'This username and password combination is not valid.',
); );
} }
throw e; throw e;