app: improve error message for wrong/expired reset token

2023-02-15 14:21:51 +01:00
parent 193a0fd710
commit bebb00aa2e
4 changed files with 78 additions and 69 deletions
--- a/server/src/infra/auth_service.rs
+++ b/server/src/infra/auth_service.rs
@@ -214,11 +214,15 @@ where
    let token = request
        .match_info()
        .get("token")
-        .ok_or_else(|| TcpError::BadRequest("Missing reset token".to_string()))?;
+        .ok_or_else(|| TcpError::BadRequest("Missing reset token".to_owned()))?;
    let user_id = data
        .backend_handler
        .get_user_id_for_password_reset_token(token)
-        .await?;
+        .await
+        .map_err(|e| {
+            debug!("Reset token error: {e:#}");
+            TcpError::NotFoundError("Wrong or expired reset token".to_owned())
+        })?;
    let _ = data
        .backend_handler
        .delete_password_reset_token(token)
--- a/server/src/infra/tcp_server.rs
+++ b/server/src/infra/tcp_server.rs
@@ -37,6 +37,8 @@ pub enum TcpError {
    BadRequest(String),
    #[error("Internal server error: `{0}`")]
    InternalServerError(String),
+    #[error("Not found: `{0}`")]
+    NotFoundError(String),
    #[error("Unauthorized: `{0}`")]
    UnauthorizedError(String),
 }
@@ -57,6 +59,7 @@ pub(crate) fn error_to_http_response(error: TcpError) -> HttpResponse {
            | DomainError::EntityNotFound(_) => HttpResponse::BadRequest(),
        },
        TcpError::BadRequest(_) => HttpResponse::BadRequest(),
+        TcpError::NotFoundError(_) => HttpResponse::NotFound(),
        TcpError::InternalServerError(_) => HttpResponse::InternalServerError(),
        TcpError::UnauthorizedError(_) => HttpResponse::Unauthorized(),
    }