From 440e530aa65e649f3e687543b3a525481f8b40c8 Mon Sep 17 00:00:00 2001
From: idillon <io.daza-dillon@savoirfairelinux.com>
Date: Thu, 3 Aug 2023 20:25:24 -0400
Subject: [PATCH] Show "Invalid credentials" message for invalid username and
 invalid password"

Change-Id: I92c28c7e182d78bef21accd842db447f65079a70
---
 client/cypress/e2e/auth/auth.cy.ts            | 2 +-
 client/src/contexts/AlertSnackbarProvider.tsx | 6 +++---
 client/src/locale/en/translation.json         | 2 --
 client/src/locale/fr/translation.json         | 2 --
 client/src/services/adminQueries.ts           | 4 ++--
 client/src/services/authQueries.ts            | 2 +-
 server/src/routers/auth-router.ts             | 4 ++--
 7 files changed, 9 insertions(+), 13 deletions(-)

diff --git a/client/cypress/e2e/auth/auth.cy.ts b/client/cypress/e2e/auth/auth.cy.ts
index 162fdf6f..03ea6e37 100644
--- a/client/cypress/e2e/auth/auth.cy.ts
+++ b/client/cypress/e2e/auth/auth.cy.ts
@@ -44,7 +44,7 @@ describe('authentication', () => {
 
     cy.get('[data-cy="login-button"]').contains('Log in').click();
 
-    cy.get('.MuiAlert-message').contains('Incorrect password');
+    cy.get('.MuiAlert-message').contains('Invalid credentials');
   });
 
   it('log in without UI', () => {
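Review bot: The assertion updated in this hunk appears to cover only the wrong-password path (it previously expected 'Incorrect password'), so nothing visible here checks that an unregistered username now produces the same alert. Add a sibling case that submits a username that does not exist and asserts `cy.get('.MuiAlert-message').contains('Invalid credentials');`, so a regression that brings back a distinguishable message is caught by the e2e suite. The enclosing `it` block starts outside the hunk.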
diff --git a/client/src/contexts/AlertSnackbarProvider.tsx b/client/src/contexts/AlertSnackbarProvider.tsx
index 099291ea..a9f4f315 100644
--- a/client/src/contexts/AlertSnackbarProvider.tsx
+++ b/client/src/contexts/AlertSnackbarProvider.tsx
@@ -81,7 +81,7 @@ type AlertMessageKeys =
   | 'unknown_error_alert'
   | 'username_input_helper_text_empty'
   | 'password_input_helper_text_empty'
-  | 'login_invalid_password'
+  | 'login_invalid_credentials'
   | 'registration_success'
   | '';
 
@@ -111,8 +111,8 @@ const AlertSnackbarProvider = ({ children }: WithChildren) => {
           return t('username_input_helper_text_empty');
         case 'password_input_helper_text_empty':
           return t('password_input_helper_text_empty');
-        case 'login_invalid_password':
-          return t('login_invalid_password');
+        case 'login_invalid_credentials':
+          return t('login_invalid_credentials');
         case 'registration_success':
           return t('registration_success');
         case 'redirect_admin_setup_complete':
diff --git a/client/src/locale/en/translation.json b/client/src/locale/en/translation.json
index 8f18869e..74b4ce2b 100644
--- a/client/src/locale/en/translation.json
+++ b/client/src/locale/en/translation.json
@@ -80,8 +80,6 @@
   "login_form_to_registration_text": "Need an account?",
   "login_form_username_tooltip": "The username you registered with",
   "login_invalid_credentials": "Invalid credentials",
-  "login_invalid_password": "Incorrect password",
-  "login_username_not_found": "Username not found",
   "logout": "Log out",
   "Menu": "Menu",
   "message_call_incoming": "Incoming call - {{duration}}",
diff --git a/client/src/locale/fr/translation.json b/client/src/locale/fr/translation.json
index b0e385b2..5dbab812 100644
--- a/client/src/locale/fr/translation.json
+++ b/client/src/locale/fr/translation.json
@@ -80,8 +80,6 @@
   "login_form_to_registration_text": "Besoin d'un compte?",
   "login_form_username_tooltip": "Le nom d'utilisateur avec lequel vous vous ĂȘtes inscrit(e)",
   "login_invalid_credentials": "Identifiants incorrects",
-  "login_invalid_password": "Mot de passe incorrect",
-  "login_username_not_found": "Nom d'utilisateur introuvable",
   "logout": "Se déconnecter",
   "Menu": "Menu",
   "message_call_incoming": "Appel sortant - {{duration}}",
diff --git a/client/src/services/adminQueries.ts b/client/src/services/adminQueries.ts
index d1037eae..b4a61914 100644
--- a/client/src/services/adminQueries.ts
+++ b/client/src/services/adminQueries.ts
@@ -43,7 +43,7 @@ export const useSetupAdminMutation = () => {
     onError: (e: any) => {
       if (e.response?.status === HttpStatusCode.BadRequest) {
         setAlertContent({
-          messageI18nKey: 'login_invalid_password',
+          messageI18nKey: 'login_invalid_credentials',
           severity: 'error',
           alertOpen: true,
         });
@@ -87,7 +87,7 @@ export const useLoginAdminMutation = () => {
         });
       } else if (e.response?.status === HttpStatusCode.Unauthorized) {
         setAlertContent({
-          messageI18nKey: 'login_invalid_password',
+          messageI18nKey: 'login_invalid_credentials',
           severity: 'error',
           alertOpen: true,
         });
diff --git a/client/src/services/authQueries.ts b/client/src/services/authQueries.ts
index 45f78dd5..8b50a5f1 100644
--- a/client/src/services/authQueries.ts
+++ b/client/src/services/authQueries.ts
@@ -140,7 +140,7 @@ export const useLoginMutation = () => {
         //TODO: there are two different not found responses that could be returned by the server, use message to differentiate them?
         //continue when the auth flow is clear
       } else if (status === HttpStatusCode.Unauthorized) {
-        setAlertContent({ messageI18nKey: 'login_invalid_password', severity: 'error', alertOpen: true });
+        setAlertContent({ messageI18nKey: 'login_invalid_credentials', severity: 'error', alertOpen: true });
       } else {
         setAlertContent({ messageI18nKey: 'unknown_error_alert', severity: 'error', alertOpen: true });
       }
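Review bot: The TODO kept as context above the `Unauthorized` branch is stale after this commit: it describes two different not-found responses from the server, but the two login rejections changed in server/src/routers/auth-router.ts now return 401. Replace it with something like `// Unknown username and missing server-side password now arrive as 401 and share the generic message below`. The branch the TODO sits in starts outside this hunk, presumably a NotFound check, so confirm whether the login route can still reach it and remove it if not.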
diff --git a/server/src/routers/auth-router.ts b/server/src/routers/auth-router.ts
index 736bfc29..b5b23993 100644
--- a/server/src/routers/auth-router.ts
+++ b/server/src/routers/auth-router.ts
@@ -107,14 +107,14 @@ authRouter.post(
     // Check if the account is stored on this daemon instance
     const accountId = jamid.getAccountIdFromUsername(username);
     if (accountId === undefined) {
-      res.status(HttpStatusCode.NotFound).send('Username not found');
+      res.status(HttpStatusCode.Unauthorized).send('Username not found');
       return;
     }
 
     const hashedPassword = accounts.get(username, isJams);
     if (hashedPassword === undefined) {
       res
-        .status(HttpStatusCode.NotFound)
+        .status(HttpStatusCode.Unauthorized)
         .send('Password not found (the account does not have a password set on the server)');
       return;
     }
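Review bot: Both rejection branches now return 401, but their bodies still differ (`'Username not found'` at the `accountId` check and `'Password not found (...)'` at the `hashedPassword` check), so any client that reads the response body can still tell an unregistered username from a registered one. That is the distinction the unified "Invalid credentials" UI message is meant to hide. Send one generic body in both branches, e.g. `res.status(HttpStatusCode.Unauthorized).send('Invalid credentials');`, and keep the specific reason in a server-side log if support needs it. The wrong-password response is outside this hunk and should use the same body. These early returns presumably also skip the password-hash comparison, so response timing may still separate the cases and is worth confirming; the handler starts and ends outside the hunk.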
-- 
GitLab