0
Fork 0
mirror of https://github.com/logto-io/logto.git synced 2024-12-30 20:33:54 -05:00

refactor: refine sign-in errors

This commit is contained in:
Gao Sun 2021-07-25 17:35:01 +08:00
parent 405513c977
commit f422c3ae3f
No known key found for this signature in database
GPG key ID: 0F0EFA2E36639F31
5 changed files with 49 additions and 21 deletions

View file

@ -0,0 +1,11 @@
export enum SignInErrorCode {
InvalidCredentials = 'sign_in.invalid_credentials',
InvalidSignInMethod = 'sign_in.invalid_sign_in_method',
InsufficientInfo = 'sign_in.insufficient_info',
}
export const signInErrorMessage: Record<SignInErrorCode, string> = {
[SignInErrorCode.InvalidCredentials]: 'Invalid credentials. Please check your input.',
[SignInErrorCode.InvalidSignInMethod]: 'Current sign-in method is not available.',
[SignInErrorCode.InsufficientInfo]: 'Insufficent sign-in info.',
};

View file

@ -3,10 +3,12 @@ import { guardErrorMessage } from './collection/guard-errors';
import { oidcErrorMessage } from './collection/oidc-errors';
import { registerErrorMessage } from './collection/register-errors';
import { swaggerErrorMessage } from './collection/swagger-errors';
import { signInErrorMessage } from './collection/sign-in-errors';
export const requestErrorMessage: Record<RequestErrorCode, string> = {
...guardErrorMessage,
...oidcErrorMessage,
...registerErrorMessage,
...swaggerErrorMessage,
...signInErrorMessage,
};

View file

@ -2,14 +2,16 @@ import { GuardErrorCode } from './collection/guard-errors';
import { OidcErrorCode } from './collection/oidc-errors';
import { RegisterErrorCode } from './collection/register-errors';
import { SwaggerErrorCode } from './collection/swagger-errors';
import { SignInErrorCode } from './collection/sign-in-errors';
export { GuardErrorCode, OidcErrorCode, SwaggerErrorCode, RegisterErrorCode };
export { GuardErrorCode, OidcErrorCode, SwaggerErrorCode, RegisterErrorCode, SignInErrorCode };
export type RequestErrorCode =
| GuardErrorCode
| OidcErrorCode
| RegisterErrorCode
| SwaggerErrorCode;
| SwaggerErrorCode
| SignInErrorCode;
export type RequestErrorMetadata = {
code: RequestErrorCode;

View file

@ -3,7 +3,7 @@ import proxy from 'koa-proxies';
// CAUTION: this is for testing only
export default function uiProxy() {
return proxy(/^\/(?!api|oidc).*$/, {
target: 'http://localhost:3000',
target: 'http://localhost:5000',
changeOrigin: true,
logs: true,
});

View file

@ -6,7 +6,7 @@ import { findUserById } from '@/queries/user';
import { Provider } from 'oidc-provider';
import { conditional } from '@logto/essentials';
import koaGuard from '@/middleware/koa-guard';
import { OidcErrorCode } from '@/errors/RequestError';
import RequestError, { OidcErrorCode, SignInErrorCode } from '@/errors/RequestError';
export default function signInRoutes(provider: Provider) {
const router = new Router();
@ -22,25 +22,38 @@ export default function signInRoutes(provider: Provider) {
if (name === 'login') {
const { id, password } = ctx.guard.body;
assert(id && password, 'Insufficent sign-in info.');
const { passwordEncrypted, passwordEncryptionMethod, passwordEncryptionSalt } =
await findUserById(id);
assert(id && password, new RequestError(SignInErrorCode.InsufficientInfo));
assert(passwordEncrypted && passwordEncryptionMethod && passwordEncryptionSalt);
assert(
encryptPassword(id, password, passwordEncryptionSalt, passwordEncryptionMethod) ===
passwordEncrypted
);
try {
const { passwordEncrypted, passwordEncryptionMethod, passwordEncryptionSalt } =
await findUserById(id);
const redirectTo = await provider.interactionResult(
ctx.req,
ctx.res,
{
login: { accountId: id },
},
{ mergeWithLastSubmission: false }
);
ctx.body = { redirectTo };
assert(
passwordEncrypted && passwordEncryptionMethod && passwordEncryptionSalt,
new RequestError(SignInErrorCode.InvalidSignInMethod)
);
assert(
encryptPassword(id, password, passwordEncryptionSalt, passwordEncryptionMethod) ===
passwordEncrypted,
new RequestError(SignInErrorCode.InvalidCredentials)
);
const redirectTo = await provider.interactionResult(
ctx.req,
ctx.res,
{
login: { accountId: id },
},
{ mergeWithLastSubmission: false }
);
ctx.body = { redirectTo };
} catch (error: unknown) {
if (!(error instanceof RequestError)) {
throw new RequestError(SignInErrorCode.InvalidCredentials);
}
throw error;
}
} else if (name === 'consent') {
ctx.body = { redirectTo: ctx.request.origin + '/sign-in/consent' };
} else {