3pp-mirror/penpot
1
0
Fork 0
mirror of https://github.com/penpot/penpot.git synced 2025-06-02 06:21:37 +02:00
Code Issues Projects Releases Packages Wiki Activity

Add better error hints on auth ns

Browse source
This commit is contained in:
Andrey Antukh 2025-04-04 14:04:57 +02:00
parent 9fc671cc17
commit 5cb39874a2
1 changed files with 13 additions and 10 deletions
Download patch file Download diff file Expand all files Collapse all files

23
backend/src/app/rpc/commands/auth.clj
View file

@ -55,7 +55,7 @@
(contains? cf/flags :login-with-password)) (contains? cf/flags :login-with-password))
(ex/raise :type :restriction (ex/raise :type :restriction
:code :login-disabled :code :login-disabled
:hint "login is disabled in this instance")) :hint "login is disabled"))
(letfn [(check-password [cfg profile password] (letfn [(check-password [cfg profile password]
(if (= (:password profile) "!") (if (= (:password profile) "!")
@ -79,7 +79,8 @@
:code :wrong-credentials)) :code :wrong-credentials))
(when (:is-blocked profile) (when (:is-blocked profile)
(ex/raise :type :restriction (ex/raise :type :restriction
:code :profile-blocked)) :code :profile-blocked
:hint "profile is marked as blocked"))
(when-not (check-password cfg profile password) (when-not (check-password cfg profile password)
(ex/raise :type :validation (ex/raise :type :validation
:code :wrong-credentials)) :code :wrong-credentials))
@ -183,11 +184,11 @@
(defn- validate-register-attempt! (defn- validate-register-attempt!
[cfg params] [cfg params]
(when (or (when (or (not (contains? cf/flags :registration))
(not (contains? cf/flags :registration)) (not (contains? cf/flags :login-with-password)))
(not (contains? cf/flags :login-with-password)))
(ex/raise :type :restriction (ex/raise :type :restriction
:code :registration-disabled)) :code :registration-disabled
:hint "registration disabled"))
(when (contains? params :invitation-token) (when (contains? params :invitation-token)
(let [invitation (tokens/verify (::setup/props cfg) (let [invitation (tokens/verify (::setup/props cfg)
@ -201,12 +202,14 @@
(when (and (email.blacklist/enabled? cfg) (when (and (email.blacklist/enabled? cfg)
(email.blacklist/contains? cfg (:email params))) (email.blacklist/contains? cfg (:email params)))
(ex/raise :type :restriction (ex/raise :type :restriction
:code :email-domain-is-not-allowed)) :code :email-domain-is-not-allowed
:hint "email domain in blacklist"))
(when (and (email.whitelist/enabled? cfg) (when (and (email.whitelist/enabled? cfg)
(not (email.whitelist/contains? cfg (:email params)))) (not (email.whitelist/contains? cfg (:email params))))
(ex/raise :type :restriction (ex/raise :type :restriction
:code :email-domain-is-not-allowed)) :code :email-domain-is-not-allowed
:hint "email domain not in whitelist"))
;; Perform a basic validation of email & password ;; Perform a basic validation of email & password
(when (= (str/lower (:email params)) (when (= (str/lower (:email params))
@ -219,13 +222,13 @@
(ex/raise :type :restriction (ex/raise :type :restriction
:code :email-has-permanent-bounces :code :email-has-permanent-bounces
:email (:email params) :email (:email params)
:hint "looks like the email has bounce reports")) :hint "email has bounce reports"))
(when (eml/has-complaint-reports? cfg (:email params)) (when (eml/has-complaint-reports? cfg (:email params))
(ex/raise :type :restriction (ex/raise :type :restriction
:code :email-has-complaints :code :email-has-complaints
:email (:email params) :email (:email params)
:hint "looks like the email has complaint reports"))) :hint "email has complaint reports")))
(defn prepare-register (defn prepare-register
[{:keys [::db/pool] :as cfg} {:keys [email] :as params}] [{:keys [::db/pool] :as cfg} {:keys [email] :as params}]