login logout proper http error handling.

2024-07-24 14:40:50 +12:00 · 2023-01-12 23:21:56 +01:00 · 2023-01-12 23:21:56 +01:00 · 6574470278
commit 6574470278
parent b793e5b377
1 changed files with 13 additions and 2 deletions
--- a/internal/api/session.go
+++ b/internal/api/session.go
@ -1,6 +1,7 @@
 package api

 import (
+	"errors"
 	"net/http"

 	"github.com/demodesk/neko/pkg/auth"
@ -28,7 +29,13 @@ func (api *ApiManagerCtx) Login(w http.ResponseWriter, r *http.Request) error {

 	session, token, err := api.members.Login(data.Username, data.Password)
 	if err != nil {
-		return utils.HttpUnauthorized().WithInternalErr(err)
+		if errors.Is(err, types.ErrSessionAlreadyConnected) {
+			return utils.HttpUnprocessableEntity("session already connected")
+		} else if errors.Is(err, types.ErrMemberDoesNotExist) || errors.Is(err, types.ErrMemberInvalidPassword) {
+			return utils.HttpUnauthorized().WithInternalErr(err)
+		} else {
+			return utils.HttpInternalServerError().WithInternalErr(err)
+		}
 	}

 	sessionData := SessionDataPayload{
@ -51,7 +58,11 @@ func (api *ApiManagerCtx) Logout(w http.ResponseWriter, r *http.Request) error {

 	err := api.members.Logout(session.ID())
 	if err != nil {
-		return utils.HttpUnauthorized().WithInternalErr(err)
+		if errors.Is(err, types.ErrSessionNotFound) {
+			return utils.HttpBadRequest("session is not logged in")
+		} else {
+			return utils.HttpInternalServerError().WithInternalErr(err)
+		}
 	}

 	if api.sessions.CookieEnabled() {