clear auth failure messages (#2635)

2023-09-08 14:27:38 +01:00 · 2023-09-08 14:27:38 +01:00 · 6877e9d1a1
commit 6877e9d1a1
parent b02567d233
4 changed files with 64 additions and 45 deletions
--- a/lib/src/err/mod.rs
+++ b/lib/src/err/mod.rs
@ -109,14 +109,6 @@ pub enum Error {
 	#[error("The SQL query was not parsed fully")]
 	QueryRemaining,

-	/// There was an error with authentication
-	#[error("There was a problem with authentication")]
-	InvalidAuth,
-
-	/// Auth was expected to be set but was unknown
-	#[error("Auth was expected to be set but was unknown")]
-	UnknownAuth,
-
 	/// There was an error with the SQL query
 	#[error("Parse error: {0}")]
 	InvalidQuery(RenderedParserError),
@ -651,6 +643,51 @@ pub enum Error {
 	/// Network target is not allowed
 	#[error("Access to network target '{0}' is not allowed")]
 	NetTargetNotAllowed(String),
+
+	//
+	// Authentication / Signup
+	//
+	#[error("There was an error creating the token")]
+	TokenMakingFailed,
+
+	#[error("No record was returned")]
+	NoRecordFound,
+
+	#[error("The signup query failed")]
+	SignupQueryFailed,
+
+	#[error("The signin query failed")]
+	SigninQueryFailed,
+
+	#[error("This scope does not allow signup")]
+	ScopeNoSignup,
+
+	#[error("This scope does not allow signin")]
+	ScopeNoSignin,
+
+	#[error("The scope does not exist")]
+	NoScopeFound,
+
+	#[error("Username or Password was not provided")]
+	MissingUserOrPass,
+
+	#[error("No signin target to either SC or DB or NS or KV")]
+	NoSigninTarget,
+
+	#[error("The password did not verify")]
+	InvalidPass,
+
+	/// There was an error with authentication
+	#[error("There was a problem with authentication")]
+	InvalidAuth,
+
+	/// There was an error with signing up
+	#[error("There was a problem with signing up")]
+	InvalidSignup,
+
+	/// Auth was expected to be set but was unknown
+	#[error("Auth was expected to be set but was unknown")]
+	UnknownAuth,
 }

 impl From<Error> for String {
--- a/lib/src/iam/signin.rs
+++ b/lib/src/iam/signin.rs
@ -49,8 +49,7 @@ pub async fn signin(
 					// Attempt to signin to database
 					super::signin::db(kvs, session, ns, db, user, pass).await
 				}
-				// There is no username or password
-				_ => Err(Error::InvalidAuth),
+				_ => Err(Error::MissingUserOrPass),
 			}
 		}
 		// NS signin
@ -69,8 +68,7 @@ pub async fn signin(
 					// Attempt to signin to namespace
 					super::signin::ns(kvs, session, ns, user, pass).await
 				}
-				// There is no username or password
-				_ => Err(Error::InvalidAuth),
+				_ => Err(Error::MissingUserOrPass),
 			}
 		}
 		// KV signin
@ -88,11 +86,10 @@ pub async fn signin(
 					// Attempt to signin to root
 					super::signin::kv(kvs, session, user, pass).await
 				}
-				// There is no username or password
-				_ => Err(Error::InvalidAuth),
+				_ => Err(Error::MissingUserOrPass),
 			}
 		}
-		_ => Err(Error::InvalidAuth),
+		_ => Err(Error::NoSigninTarget),
 	}
 }

@ -165,23 +162,18 @@ pub async fn sc(
 								match enc {
 									// The auth token was created successfully
 									Ok(tk) => Ok(Some(tk)),
-									// There was an error creating the token
-									_ => Err(Error::InvalidAuth),
+									_ => Err(Error::TokenMakingFailed),
 								}
 							}
-							// No record was returned
-							_ => Err(Error::InvalidAuth),
+							_ => Err(Error::NoRecordFound),
 						},
-						// The signin query failed
-						_ => Err(Error::InvalidAuth),
+						_ => Err(Error::SigninQueryFailed),
 					}
 				}
-				// This scope does not allow signin
-				_ => Err(Error::InvalidAuth),
+				_ => Err(Error::ScopeNoSignin),
 			}
 		}
-		// The scope does not exists
-		_ => Err(Error::InvalidAuth),
+		_ => Err(Error::NoScopeFound),
 	}
 }

@ -220,11 +212,9 @@ pub async fn db(
 			match enc {
 				// The auth token was created successfully
 				Ok(tk) => Ok(Some(tk)),
-				// There was an error creating the token
-				_ => Err(Error::InvalidAuth),
+				_ => Err(Error::TokenMakingFailed),
 			}
 		}
-		// The password did not verify
 		_ => Err(Error::InvalidAuth),
 	}
 }
@ -261,8 +251,7 @@ pub async fn ns(
 			match enc {
 				// The auth token was created successfully
 				Ok(tk) => Ok(Some(tk)),
-				// There was an error creating the token
-				_ => Err(Error::InvalidAuth),
+				_ => Err(Error::TokenMakingFailed),
 			}
 		}
 		Err(e) => Err(e),
@ -298,8 +287,7 @@ pub async fn kv(
 			match enc {
 				// The auth token was created successfully
 				Ok(tk) => Ok(Some(tk)),
-				// There was an error creating the token
-				_ => Err(Error::InvalidAuth),
+				_ => Err(Error::TokenMakingFailed),
 			}
 		}
 		Err(e) => Err(e),
--- a/lib/src/iam/signup.rs
+++ b/lib/src/iam/signup.rs
@ -30,7 +30,7 @@ pub async fn signup(
 			// Attempt to signup to specified scope
 			super::signup::sc(kvs, session, ns, db, sc, vars).await
 		}
-		_ => Err(Error::InvalidAuth),
+		_ => Err(Error::InvalidSignup),
 	}
 }

@ -103,22 +103,17 @@ pub async fn sc(
 								match enc {
 									// The auth token was created successfully
 									Ok(tk) => Ok(Some(tk)),
-									// There was an error creating the token
-									_ => Err(Error::InvalidAuth),
+									_ => Err(Error::TokenMakingFailed),
 								}
 							}
-							// No record was returned
-							_ => Err(Error::InvalidAuth),
+							_ => Err(Error::NoRecordFound),
 						},
-						// The signup query failed
-						Err(_) => Err(Error::InvalidAuth),
+						Err(_) => Err(Error::SignupQueryFailed),
 					}
 				}
-				// This scope does not allow signup
-				_ => Err(Error::InvalidAuth),
+				_ => Err(Error::ScopeNoSignup),
 			}
 		}
-		// The scope does not exists
-		_ => Err(Error::InvalidAuth),
+		_ => Err(Error::NoScopeFound),
 	}
 }
--- a/lib/src/iam/verify.rs
+++ b/lib/src/iam/verify.rs
@ -484,8 +484,7 @@ fn verify_pass(pass: &str, hash: &str) -> Result<(), Error> {
 	// Attempt to verify the password using Argon2
 	match Argon2::default().verify_password(pass.as_ref(), &hash) {
 		Ok(_) => Ok(()),
-		// The password did not verify
-		_ => Err(Error::InvalidAuth),
+		_ => Err(Error::InvalidPass),
 	}
 }