Change error types in checkLocalPassword and updateLocalPassword to InvalidCredentialsError and NoLocalIdentityError

Signed-off-by: Yannick Bungers <git@innay.de>
2024-11-25 11:16:31 -05:00 · 2022-01-06 21:59:46 +01:00 · 2022-01-06 21:59:46 +01:00 · 29f60f8140
commit 29f60f8140
parent 9ecf7ba2be
4 changed files with 38 additions and 15 deletions
--- a/src/api/private/auth/auth.controller.ts
+++ b/src/api/private/auth/auth.controller.ts
@ -17,7 +17,11 @@ import {
 } from '@nestjs/common';
 import { Session } from 'express-session';

-import { AlreadyInDBError, NotInDBError } from '../../../errors/errors';
+import {
+  AlreadyInDBError,
+  InvalidCredentialsError,
+  NoLocalIdentityError,
+} from '../../../errors/errors';
 import { IdentityService } from '../../../identity/identity.service';
 import { LocalAuthGuard } from '../../../identity/local/local.strategy';
 import { LoginDto } from '../../../identity/local/login.dto';
@ -80,10 +84,11 @@ export class AuthController {
      );
      return;
    } catch (e) {
-      if (e instanceof NotInDBError) {
-        throw new UnauthorizedException(
-          'Verifying your identity with the current password did not work.',
-        );
+      if (e instanceof InvalidCredentialsError) {
+        throw new UnauthorizedException('Password is not correct');
+      }
+      if (e instanceof NoLocalIdentityError) {
+        throw new BadRequestException('User has no local identity.');
      }
      throw e;
    }
--- a/src/errors/errors.ts
+++ b/src/errors/errors.ts
@ -43,3 +43,11 @@ export class MediaBackendError extends Error {
 export class PrimaryAliasDeletionForbiddenError extends Error {
  name = 'PrimaryAliasDeletionForbiddenError';
 }
+
+export class InvalidCredentialsError extends Error {
+  name = 'InvalidCredentialsError';
+}
+
+export class NoLocalIdentityError extends Error {
+  name = 'NoLocalIdentityError';
+}
--- a/src/identity/identity.service.ts
+++ b/src/identity/identity.service.ts
@ -8,7 +8,10 @@ import { InjectRepository } from '@nestjs/typeorm';
 import { Repository } from 'typeorm';

 import authConfiguration, { AuthConfig } from '../config/auth.config';
-import { NotInDBError } from '../errors/errors';
+import {
+  InvalidCredentialsError,
+  NoLocalIdentityError,
+} from '../errors/errors';
 import { ConsoleLoggerService } from '../logger/console-logger.service';
 import { User } from '../users/user.entity';
 import { checkPassword, hashPassword } from '../utils/password';
@ -46,7 +49,7 @@ export class IdentityService {
   * Update the internal password of the specified the user
   * @param {User} user - the user, which identity should be updated
   * @param {string} newPassword - the new password
-   * @throws {NotInDBError} the specified user has no internal identity
+   * @throws {NoLocalIdentityError} the specified user has no internal identity
   * @return {Identity} the changed identity
   */
  async updateLocalPassword(
@ -60,7 +63,7 @@ export class IdentityService {
        `The user with the username ${user.username} does not have a internal identity.`,
        'updateLocalPassword',
      );
-      throw new NotInDBError('This user has no internal identity.');
+      throw new NoLocalIdentityError('This user has no internal identity.');
    }
    internalIdentity.passwordHash = await hashPassword(newPassword);
    return await this.identityRepository.save(internalIdentity);
@ -68,10 +71,11 @@ export class IdentityService {

  /**
   * @async
-   * Login the user with their username and password
+   * Checks if the user and password combination matches
   * @param {User} user - the user to use
   * @param {string} password - the password to use
-   * @throws {NotInDBError} the specified user can't be logged in
+   * @throws {InvalidCredentialsError} the password and user do not match
+   * @throws {NoLocalIdentityError} the specified user has no internal identity
   */
  async checkLocalPassword(user: User, password: string): Promise<void> {
    const internalIdentity: Identity | undefined =
@ -81,14 +85,14 @@ export class IdentityService {
        `The user with the username ${user.username} does not have a internal identity.`,
        'checkLocalPassword',
      );
-      throw new NotInDBError();
+      throw new NoLocalIdentityError();
    }
    if (!(await checkPassword(password, internalIdentity.passwordHash ?? ''))) {
      this.logger.debug(
        `Password check for ${user.username} did not succeed.`,
        'checkLocalPassword',
      );
-      throw new NotInDBError();
+      throw new InvalidCredentialsError();
    }
  }
 }
--- a/src/identity/local/local.strategy.ts
+++ b/src/identity/local/local.strategy.ts
@ -7,7 +7,10 @@ import { Injectable, UnauthorizedException } from '@nestjs/common';
 import { AuthGuard, PassportStrategy } from '@nestjs/passport';
 import { Strategy } from 'passport-local';

-import { NotInDBError } from '../../errors/errors';
+import {
+  InvalidCredentialsError,
+  NoLocalIdentityError,
+} from '../../errors/errors';
 import { UserRelationEnum } from '../../users/user-relation.enum';
 import { User } from '../../users/user.entity';
 import { UsersService } from '../../users/users.service';
@ -33,9 +36,12 @@ export class LocalStrategy extends PassportStrategy(Strategy, 'local') {
      await this.identityService.checkLocalPassword(user, password);
      return user;
    } catch (e) {
-      if (e instanceof NotInDBError) {
+      if (
+        e instanceof InvalidCredentialsError ||
+        e instanceof NoLocalIdentityError
+      ) {
        throw new UnauthorizedException(
-          'This username and password combination did not work.',
+          'This username and password combination is not valid.',
        );
      }
      throw e;