From a849375e2c099336cc8df058624a1d393f61ec22 Mon Sep 17 00:00:00 2001 From: Bryan Newbold Date: Tue, 29 Jan 2019 12:51:09 -0800 Subject: auth editor not-found is a 403 auth response --- rust/src/auth.rs | 14 +++++++++++++- 1 file changed, 13 insertions(+), 1 deletion(-) (limited to 'rust') diff --git a/rust/src/auth.rs b/rust/src/auth.rs index 4627a535..7e9b945a 100644 --- a/rust/src/auth.rs +++ b/rust/src/auth.rs @@ -312,7 +312,19 @@ impl AuthConfectionary { "time > {}", created.to_rfc3339_opts(SecondsFormat::Secs, true) )); - let editor: EditorRow = Editor::db_get(conn, editor_id)?; + // not finding the editor_id is an auth issue, not a 404 + let editor: EditorRow = + match Editor::db_get(conn, editor_id).map_err(|e| FatcatError::from(e)) { + Ok(ed) => ed, + Err(FatcatError::NotFound(_, _)) => { + return Err(FatcatError::InvalidCredentials(format!( + "editor_id not found: {}", + editor_id + )) + .into()); + } + other_db_err => other_db_err?, + }; let auth_epoch = DateTime::::from_utc(editor.auth_epoch, Utc); // allow a second of wiggle room for precision and, eg, tests if created < (auth_epoch - chrono::Duration::seconds(1)) { -- cgit v1.2.3