diff options
author | Bryan Newbold <bnewbold@robocracy.org> | 2019-01-29 12:51:09 -0800 |
---|---|---|
committer | Bryan Newbold <bnewbold@robocracy.org> | 2019-01-29 12:51:09 -0800 |
commit | a849375e2c099336cc8df058624a1d393f61ec22 (patch) | |
tree | a8bf51d5f03278683c11456d7bf2249081566479 | |
parent | 5aac6ec1a46a64b810f4695de968a10cab000914 (diff) | |
download | fatcat-a849375e2c099336cc8df058624a1d393f61ec22.tar.gz fatcat-a849375e2c099336cc8df058624a1d393f61ec22.zip |
auth editor not-found is a 403 auth response
-rw-r--r-- | rust/src/auth.rs | 14 |
1 files changed, 13 insertions, 1 deletions
diff --git a/rust/src/auth.rs b/rust/src/auth.rs index 4627a535..7e9b945a 100644 --- a/rust/src/auth.rs +++ b/rust/src/auth.rs @@ -312,7 +312,19 @@ impl AuthConfectionary { "time > {}", created.to_rfc3339_opts(SecondsFormat::Secs, true) )); - let editor: EditorRow = Editor::db_get(conn, editor_id)?; + // not finding the editor_id is an auth issue, not a 404 + let editor: EditorRow = + match Editor::db_get(conn, editor_id).map_err(|e| FatcatError::from(e)) { + Ok(ed) => ed, + Err(FatcatError::NotFound(_, _)) => { + return Err(FatcatError::InvalidCredentials(format!( + "editor_id not found: {}", + editor_id + )) + .into()); + } + other_db_err => other_db_err?, + }; let auth_epoch = DateTime::<Utc>::from_utc(editor.auth_epoch, Utc); // allow a second of wiggle room for precision and, eg, tests if created < (auth_epoch - chrono::Duration::seconds(1)) { |