Skip to content

Commit 651f32e

Browse files
diceddiced
committed
fix: remove split user/pass error
1 parent dcbd9e4 commit 651f32e

File tree

2 files changed

+8
-6
lines changed

2 files changed

+8
-6
lines changed

src/pages/auth/login.tsx

Lines changed: 4 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -95,9 +95,10 @@ export default function Login({ config }: InferGetServerSidePropsType<typeof get
9595
});
9696

9797
if (error) {
98-
if (error.error === 'Invalid username') form.setFieldError('username', 'Invalid username');
99-
else if (error.error === 'Invalid password') form.setFieldError('password', 'Invalid password');
100-
else if (error.error === 'Invalid code') setPinError(error.error!);
98+
if (error.error === 'Invalid username or password') {
99+
form.setFieldError('username', 'Invalid username');
100+
form.setFieldError('password', 'Invalid password');
101+
} else if (error.error === 'Invalid code') setPinError(error.error!);
101102
setPinDisabled(false);
102103
} else {
103104
if (data!.totp) {

src/server/routes/api/auth/login.ts

Lines changed: 4 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -2,6 +2,7 @@ import { verifyPassword } from '@/lib/crypto';
22
import { prisma } from '@/lib/db';
33
import { User, userSelect } from '@/lib/db/models/user';
44
import { log } from '@/lib/logger';
5+
import { secondlyRatelimit } from '@/lib/ratelimits';
56
import { verifyTotpCode } from '@/lib/totp';
67
import { getSession, saveSession } from '@/server/session';
78
import fastifyPlugin from 'fastify-plugin';
@@ -22,7 +23,7 @@ const logger = log('api').c('auth').c('login');
2223
export const PATH = '/api/auth/login';
2324
export default fastifyPlugin(
2425
(server, _, done) => {
25-
server.post<{ Body: Body }>(PATH, async (req, res) => {
26+
server.post<{ Body: Body }>(PATH, secondlyRatelimit(2), async (req, res) => {
2627
const session = await getSession(req, res);
2728

2829
session.id = null;
@@ -43,7 +44,7 @@ export default fastifyPlugin(
4344
token: true,
4445
},
4546
});
46-
if (!user) return res.badRequest('Invalid username');
47+
if (!user) return res.badRequest('Invalid username or password');
4748

4849
if (!user.password) return res.badRequest('User does not have a password, login through a provider');
4950
const valid = await verifyPassword(password, user.password);
@@ -53,7 +54,7 @@ export default fastifyPlugin(
5354
ip: req.ip ?? 'unknown',
5455
ua: req.headers['user-agent'],
5556
});
56-
return res.badRequest('Invalid password');
57+
return res.badRequest('Invalid username or password');
5758
}
5859

5960
if (user.totpSecret && code) {

0 commit comments

Comments
 (0)