From 08cd1f2c661b17a9442bb36e17dfeaddc4b98b68 Mon Sep 17 00:00:00 2001
From: Laura Hausmann <laura@hausmann.dev>
Date: Tue, 9 Apr 2024 15:53:53 +0200
Subject: [PATCH] [backend/api] Switch to GracefulException in AuthController

---
 Iceshrimp.Backend/Controllers/AuthController.cs | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/Iceshrimp.Backend/Controllers/AuthController.cs b/Iceshrimp.Backend/Controllers/AuthController.cs
index 50ceead9..39031900 100644
--- a/Iceshrimp.Backend/Controllers/AuthController.cs
+++ b/Iceshrimp.Backend/Controllers/AuthController.cs
@@ -52,12 +52,12 @@ public class AuthController(DatabaseContext db, UserService userSvc, UserRendere
 		var user = await db.Users.FirstOrDefaultAsync(p => p.Host == null &&
 		                                                   p.UsernameLower == request.Username.ToLowerInvariant());
 		if (user == null)
-			return StatusCode(StatusCodes.Status403Forbidden);
+			throw GracefulException.Forbidden("Invalid username or password");
 		var profile = await db.UserProfiles.FirstOrDefaultAsync(p => p.User == user);
 		if (profile?.Password == null)
-			return StatusCode(StatusCodes.Status403Forbidden);
+			throw GracefulException.Forbidden("Invalid username or password");
 		if (!AuthHelpers.ComparePassword(request.Password, profile.Password))
-			return StatusCode(StatusCodes.Status403Forbidden);
+			throw GracefulException.Forbidden("Invalid username or password");
 
 		var session = HttpContext.GetSession();
 		if (session == null)