fix: potential panics in login and return proper http 405 (#8065)

# Which Problems Are Solved We identified some parts in the code, which could panic with a nil pointer when accessed without auth request. Additionally, if a GRPC method was called with an unmapped HTTP method, e.g. POST instead of GET a 501 instead of a 405 was returned. # How the Problems Are Solved - Additional checks for existing authRequest - custom http status code mapper for gateway # Additional Changes None. # Additional Context - noted internally in OPS
2025-12-09 19:12:19 +00:00 · 2024-06-07 09:30:04 +02:00
parent 9b16c61038
commit 26c7d95c88
5 changed files with 29 additions and 6 deletions
--- a/internal/api/ui/login/passwordless_registration_handler.go
+++ b/internal/api/ui/login/passwordless_registration_handler.go
@@ -114,11 +114,11 @@ func (l *Login) renderPasswordlessRegistration(w http.ResponseWriter, r *http.Re
 	}
 	if authReq == nil {
 		policy, err := l.query.ActiveLabelPolicyByOrg(r.Context(), orgID, false)
-		logging.Log("HANDL-XjWKE").OnError(err).Error("unable to get active label policy")
+		logging.OnError(err).Error("unable to get active label policy")
 		data.LabelPolicy = labelPolicyToDomain(policy)
 		if err == nil {
 			texts, err := l.authRepo.GetLoginText(r.Context(), orgID)
-			logging.Log("LOGIN-HJK4t").OnError(err).Warn("could not get custom texts")
+			logging.OnError(err).Warn("could not get custom texts")
 			l.addLoginTranslations(translator, texts)
 		}
 	}