Mirror
/
zulip
mirror of https://github.com/zulip/zulip.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Return machine-readable error codes along with 403 responses. 

(imported from commit f60e9fa587a41d643cb817cae3ef06938a59f68c)
This commit is contained in:
Luke Faraone 2014-01-10 17:53:11 -05:00
parent 3948e1673d
commit 0a574eeefa
1 changed files with 3 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
zerver/views/__init__.py
View File

@ -1494,10 +1494,10 @@ def api_fetch_api_key(request, username=REQ, password=REQ):
if user_profile is None:
if return_data.get("valid_attestation") == True:
# We can leak that the user is unregistered iff they present a valid authentication string for the user.
return json_error("This user is not registered; do so from a browser.", status=403)
return json_error("Your username or password is incorrect.", status=403)
return json_error("This user is not registered; do so from a browser.", data={"reason": "unregistered"}, status=403)
return json_error("Your username or password is incorrect.", data={"reason": "incorrect_creds"}, status=403)
if not user_profile.is_active:
return json_error("Your account has been disabled.", status=403)
return json_error("Your account has been disabled.", data={"reason": "disabled"}, status=403)
return json_success({"api_key": user_profile.api_key})
@authenticated_json_post_view