notfire/Iceshrimp.NET
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

[backend/api] Switch to GracefulException in AuthController

Browse source
This commit is contained in:
Laura Hausmann 2024-04-09 15:53:53 +02:00
parent dfa6b5a5ae
commit 08cd1f2c66
No known key found for this signature in database
GPG key ID: D044E84C5BE01605
1 changed files with 3 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
Iceshrimp.Backend/Controllers/AuthController.cs
View file

@ -52,12 +52,12 @@ public class AuthController(DatabaseContext db, UserService userSvc, UserRendere
var user = await db.Users.FirstOrDefaultAsync(p => p.Host == null && var user = await db.Users.FirstOrDefaultAsync(p => p.Host == null &&
p.UsernameLower == request.Username.ToLowerInvariant()); p.UsernameLower == request.Username.ToLowerInvariant());
if (user == null) if (user == null)
return StatusCode(StatusCodes.Status403Forbidden); throw GracefulException.Forbidden("Invalid username or password");
var profile = await db.UserProfiles.FirstOrDefaultAsync(p => p.User == user); var profile = await db.UserProfiles.FirstOrDefaultAsync(p => p.User == user);
if (profile?.Password == null) if (profile?.Password == null)
return StatusCode(StatusCodes.Status403Forbidden); throw GracefulException.Forbidden("Invalid username or password");
if (!AuthHelpers.ComparePassword(request.Password, profile.Password)) if (!AuthHelpers.ComparePassword(request.Password, profile.Password))
return StatusCode(StatusCodes.Status403Forbidden); throw GracefulException.Forbidden("Invalid username or password");
var session = HttpContext.GetSession(); var session = HttpContext.GetSession();
if (session == null) if (session == null)