Fixed invalid credential handling.

2024-03-17 05:51:18 +01:00 · 2024-03-17 05:51:18 +01:00 · 6f27e0a7dd
parent 8a6e57365c
commit 6f27e0a7dd
2 changed files with 6 additions and 10 deletions
--- a/src/auth.js
+++ b/src/auth.js
@ -47,11 +47,9 @@ export async function login(credentials, userIp) {
 	const { user, stashes } = await fetchUser(credentials.username.trim(), {
 		email: true,
 		raw: true,
-	});
-
-	if (!user) {
+	}).catch(() => {
 		throw new HttpError('Username or password incorrect', 401);
-	}
+	});

 	await verifyPassword(credentials.password, user.password);

@ -59,8 +57,6 @@ export async function login(credentials, userIp) {
 		.update('last_login', 'NOW()')
 		.where('id', user.id);

-	console.log('login user', user);
-
 	logger.verbose(`Login from '${user.username}' (${user.id}, ${userIp})`);

 	try {
--- a/src/users.js
+++ b/src/users.js
@ -46,14 +46,14 @@ export async function fetchUser(userId, options = {}) {
 		.groupBy('users.id', 'users_roles.role')
 		.first();

+	if (!user) {
+		throw new HttpError(`User '${userId}' not found`, 404);
+	}
+
 	const stashes = await knex('stashes')
 		.where('user_id', user.id)
 		.leftJoin('stashes_meta', 'stashes_meta.stash_id', 'stashes.id');

-	if (!user) {
-		throw HttpError(`User '${userId}' not found`, 404);
-	}
-
 	if (options.raw) {
 		return { user, stashes };
 	}