Add better authentication error messages

insapp-io · Jan 7, 2020 · 4c0e7e1 · 4c0e7e1
1 parent 01d80cd
commit 4c0e7e1
Showing 1 changed file with 12 additions and 4 deletions.
diff --git a/loginController.go b/loginController.go
@@ -139,7 +139,7 @@ func LoginAssociationController(w http.ResponseWriter, r *http.Request) {
 	if err != nil {
 		w.WriteHeader(http.StatusUnauthorized)
 		json.NewEncoder(w).Encode(bson.M{
-			"error": "failed to authenticate",
+			"error": fmt.Sprintf("failed to authenticate: %s", err.Error()),
 		})
 
 		return
@@ -208,13 +208,21 @@ func checkLoginForAssociation(login AssociationLogin) (*AssociationUser, error)
 	db := session.DB("insapp").C("association_user")
 
 	var result AssociationUser
-	err := db.Find(bson.M{
+	err1 := db.Find(bson.M{
+		"username": login.Username,
+	}).One(&result)
+
+	if err1 != nil {
+		return nil, errors.New("unknown user")
+	}
+
+	err2 := db.Find(bson.M{
 		"username": login.Username,
 		"password": GetMD5Hash(login.Password),
 	}).One(&result)
 
-	if err != nil {
-		return nil, err
+	if err2 != nil {
+		return nil, errors.New("wrong password")
 	}
 
 	return &result, nil