diff --git a/pkg/auth/authenticator.go b/pkg/auth/authenticator.go
index f34f804..1c0d637 100644
--- a/pkg/auth/authenticator.go
+++ b/pkg/auth/authenticator.go
@@ -20,6 +20,7 @@ import (
 )
 
 var (
+ ErrDisabled = errors.New("user disabled")
 ErrInvalidAuth = errors.New("invalid auth")
 ErrInvalidHandler = errors.New("no such handler")
 )
diff --git a/pkg/auth/session.go b/pkg/auth/session.go
index d24ca93..f08dbf1 100644
--- a/pkg/auth/session.go
+++ b/pkg/auth/session.go
@@ -160,7 +160,7 @@ func (a *Authenticator) TokenHandler(c echo.Context) error {
 // TODO: success
 user, err := a.getOrCreateUser(cred)
 if err != nil {
- return c.JSON(http.StatusUnauthorized, AuthError{Error: "access_denied", Description: "bad user"})
+ return c.JSON(http.StatusUnauthorized, AuthError{Error: "access_denied", Description: err.Error()})
 }
 
 if err := user.allowedToAuth(); err != nil {
diff --git a/pkg/auth/user.go b/pkg/auth/user.go
index 88226d4..ded2f98 100644
--- a/pkg/auth/user.go
+++ b/pkg/auth/user.go
@@ -27,7 +27,7 @@ type UserMetadata struct {
 
 func (u *User) allowedToAuth() error {
 if !u.Active {
- return errors.New("user disabled")
+ return ErrDisabled
 }
 
 return nil
@@ -37,7 +37,7 @@ func (a *Authenticator) getOrCreateUser(c *Credential) (*User, error) {
 log.Debug().Interface("userdata", c.user.ProviderUserData()).Msg("getOrCreateUser")
 u := a.store.User(c.UserID)
 if u == nil {
- return nil, errors.New("no such user)
+ return nil, ErrInvalidAuth
 }
 
 return u, nil
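Review bot: The 401 body in TokenHandler now sends `err.Error()` as `Description`, so the text shown to an unauthenticated caller is whatever getOrCreateUser returns. In this commit that is only ErrInvalidAuth, but any store or provider error added later would be echoed verbatim. I would keep the response text fixed, `Description: ErrInvalidAuth.Error()`, and record the real error in the server log instead. If the `user.allowedToAuth()` branch just below (its body is outside the hunk) echoes its error the same way, the response would distinguish disabled accounts from unknown ones, which is worth a deliberate decision. TokenHandler starts and ends outside this hunk.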
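Review bot: With both `errors.New` calls in user.go replaced by package sentinels (in getOrCreateUser here and in allowedToAuth in the previous hunk), the file's `errors` import may now be unused, which the Go compiler rejects. The import block is outside both hunks, so check it and drop `"errors"` if nothing else in the file uses it. Separately, the visible lines of getOrCreateUser only look a user up and never create one, so a doc comment would help: `// getOrCreateUser returns the stored user for c.UserID, or ErrInvalidAuth when the store has none.` The function's signature and closing brace are outside the hunk.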