TheArchive/zitadel
1
0
Fork 0
mirror of https://github.com/zitadel/zitadel.git synced 2025-10-27 13:51:47 +00:00
Code Issues Packages Projects Releases Wiki Activity

feat: login errors (#204)

Browse Source 
* feat: nice error messages

* feat: nice error messages

* fix: add project type

* fix: message ids

* handle error messages in login

* add some better error messages

* fix: better error messages on login

* fix: better error messages on login

* fix: add internal errors

* fix: tests
This commit is contained in:
Fabi
2020-06-11 13:22:24 +02:00
committed by GitHub
parent fb3a5c94a0
commit 2c97794538
27 changed files with 191 additions and 73 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
internal/login/handler/change_password_handler.go
View File

@@ -33,7 +33,7 @@ func (l *Login) handleChangePassword(w http.ResponseWriter, r *http.Request) {
func (l *Login) renderChangePassword(w http.ResponseWriter, r *http.Request, authReq *model.AuthRequest, err error) {
var errType, errMessage string
if err != nil {
errMessage = err.Error()
errMessage = l.getErrorMessage(r, err)
}
data := userData{
baseData: l.getBaseData(r, authReq, "Change Password", errType, errMessage),

4
internal/login/handler/init_password_handler.go
View File

@@ -51,7 +51,7 @@ func (l *Login) handleInitPasswordCheck(w http.ResponseWriter, r *http.Request)
func (l *Login) checkPWCode(w http.ResponseWriter, r *http.Request, authReq *model.AuthRequest, data *initPasswordFormData, err error) {
if data.Password != data.PasswordConfirm {
err := errors.ThrowInvalidArgument(nil, "VIEW-KaGue", "passwords dont match")
err := errors.ThrowInvalidArgument(nil, "VIEW-KaGue", "Errors.User.Password.ConfirmationWrong")
l.renderInitPassword(w, r, authReq, data.UserID, data.Code, err)
return
}
@@ -75,7 +75,7 @@ func (l *Login) resendPasswordSet(w http.ResponseWriter, r *http.Request, authRe
func (l *Login) renderInitPassword(w http.ResponseWriter, r *http.Request, authReq *model.AuthRequest, userID, code string, err error) {
var errType, errMessage string
if err != nil {
errMessage = err.Error()
errMessage = l.getErrorMessage(r, err)
}
if userID == "" && authReq != nil {
userID = authReq.UserID

8
internal/login/handler/init_user_handler.go
View File

@@ -51,7 +51,7 @@ func (l *Login) handleInitUserCheck(w http.ResponseWriter, r *http.Request) {
func (l *Login) checkUserInitCode(w http.ResponseWriter, r *http.Request, authReq *model.AuthRequest, data *initUserFormData, err error) {
if data.Password != data.PasswordConfirm {
err := caos_errs.ThrowInvalidArgument(nil, "VIEW-fsdfd", "passwords dont match")
err := caos_errs.ThrowInvalidArgument(nil, "VIEW-fsdfd", "Errors.User.Password.ConfirmationWrong")
l.renderInitUser(w, r, nil, data.UserID, data.Code, err)
return
}
@@ -79,7 +79,7 @@ func (l *Login) resendUserInit(w http.ResponseWriter, r *http.Request, authReq *
func (l *Login) renderInitUser(w http.ResponseWriter, r *http.Request, authReq *model.AuthRequest, userID, code string, err error) {
var errType, errMessage string
if err != nil {
errMessage = err.Error()
errMessage = l.getErrorMessage(r, err)
}
if authReq != nil {
userID = authReq.UserID
@@ -93,12 +93,12 @@ func (l *Login) renderInitUser(w http.ResponseWriter, r *http.Request, authReq *
}
func (l *Login) renderInitUserDone(w http.ResponseWriter, r *http.Request, authReq *model.AuthRequest) {
var errType, errMessage, userName string
var userName string
if authReq != nil {
userName = authReq.UserName
}
data := userData{
baseData: l.getBaseData(r, authReq, "User Init Done", errType, errMessage),
baseData: l.getBaseData(r, authReq, "User Init Done", "", ""),
UserName: userName,
}
l.renderer.RenderTemplate(w, r, l.renderer.Templates[tmplInitUserDone], data, nil)

2
internal/login/handler/login_handler.go
View File

@@ -53,7 +53,7 @@ func (l *Login) handleUsernameCheck(w http.ResponseWriter, r *http.Request) {
func (l *Login) renderLogin(w http.ResponseWriter, r *http.Request, authReq *model.AuthRequest, err error) {
var errType, errMessage string
if err != nil {
errMessage = err.Error()
errMessage = l.getErrorMessage(r, err)
}
data := userData{
baseData: l.getBaseData(r, authReq, "Login", errType, errMessage),

2
internal/login/handler/mail_verify_handler.go
View File

@@ -70,7 +70,7 @@ func (l *Login) checkMailCode(w http.ResponseWriter, r *http.Request, authReq *m
func (l *Login) renderMailVerification(w http.ResponseWriter, r *http.Request, authReq *model.AuthRequest, userID string, err error) {
var errType, errMessage string
if err != nil {
errMessage = err.Error()
errMessage = l.getErrorMessage(r, err)
}
if userID == "" {
userID = authReq.UserID

2
internal/login/handler/mfa_init_verify_handler.go
View File

@@ -64,7 +64,7 @@ func (l *Login) handleOtpVerify(w http.ResponseWriter, r *http.Request, authReq
func (l *Login) renderMfaInitVerify(w http.ResponseWriter, r *http.Request, authReq *model.AuthRequest, data *mfaVerifyData, err error) {
var errType, errMessage string
if err != nil {
errMessage = err.Error()
errMessage = l.getErrorMessage(r, err)
}
data.baseData = l.getBaseData(r, authReq, "Mfa Init Verify", errType, errMessage)
data.UserName = authReq.UserName

6
internal/login/handler/mfa_prompt_handler.go
View File

@@ -39,7 +39,7 @@ func (l *Login) handleMfaPrompt(w http.ResponseWriter, r *http.Request) {
func (l *Login) renderMfaPrompt(w http.ResponseWriter, r *http.Request, authSession *model.AuthRequest, mfaPromptData *model.MfaPromptStep, err error) {
var errType, errMessage string
if err != nil {
errMessage = err.Error()
errMessage = l.getErrorMessage(r, err)
}
data := mfaData{
baseData: l.getBaseData(r, authSession, "Mfa Prompt", errType, errMessage),
@@ -47,7 +47,7 @@ func (l *Login) renderMfaPrompt(w http.ResponseWriter, r *http.Request, authSess
}
if mfaPromptData == nil {
l.renderError(w, r, authSession, caos_errs.ThrowPreconditionFailed(nil, "APP-XU0tj", "No available mfa providers"))
l.renderError(w, r, authSession, caos_errs.ThrowPreconditionFailed(nil, "APP-XU0tj", "Errors.User.Mfa.NoProviders"))
return
}
@@ -70,7 +70,7 @@ func (l *Login) handleMfaCreation(w http.ResponseWriter, r *http.Request, authSe
l.handleOtpCreation(w, r, authSession, data)
return
}
l.renderError(w, r, authSession, caos_errs.ThrowPreconditionFailed(nil, "APP-Or3HO", "No available mfa providers"))
l.renderError(w, r, authSession, caos_errs.ThrowPreconditionFailed(nil, "APP-Or3HO", "Errors.User.Mfa.NoProviders"))
}
func (l *Login) handleOtpCreation(w http.ResponseWriter, r *http.Request, authReq *model.AuthRequest, data *mfaVerifyData) {

2
internal/login/handler/mfa_verify_handler.go
View File

@@ -35,7 +35,7 @@ func (l *Login) handleMfaVerify(w http.ResponseWriter, r *http.Request) {
func (l *Login) renderMfaVerify(w http.ResponseWriter, r *http.Request, authReq *model.AuthRequest, verificationStep *model.MfaVerificationStep, err error) {
var errType, errMessage string
if err != nil {
errMessage = err.Error()
errMessage = l.getErrorMessage(r, err)
}
data := userData{
baseData: l.getBaseData(r, authReq, "Mfa Verify", errType, errMessage),

2
internal/login/handler/password_handler.go
View File

@@ -17,7 +17,7 @@ type passwordData struct {
func (l *Login) renderPassword(w http.ResponseWriter, r *http.Request, authReq *model.AuthRequest, err error) {
var errType, errMessage string
if err != nil {
errMessage = err.Error()
errMessage = l.getErrorMessage(r, err)
}
data := userData{
baseData: l.getBaseData(r, authReq, "Password", errType, errMessage),

2
internal/login/handler/password_reset_handler.go
View File

@@ -22,7 +22,7 @@ func (l *Login) handlePasswordReset(w http.ResponseWriter, r *http.Request) {
func (l *Login) renderPasswordResetDone(w http.ResponseWriter, r *http.Request, authReq *model.AuthRequest, err error) {
var errType, errMessage string
if err != nil {
errMessage = err.Error()
errMessage = l.getErrorMessage(r, err)
}
data := userData{
baseData: l.getBaseData(r, authReq, "Password Reset Done", errType, errMessage),

4
internal/login/handler/register_handler.go
View File

@@ -47,7 +47,7 @@ func (l *Login) handleRegisterCheck(w http.ResponseWriter, r *http.Request) {
return
}
if data.Password != data.Password2 {
err := caos_errs.ThrowInvalidArgument(nil, "VIEW-KaGue", "passwords dont match")
err := caos_errs.ThrowInvalidArgument(nil, "VIEW-KaGue", "Errors.User.Password.ConfirmationWrong")
l.renderRegister(w, r, authRequest, data, err)
return
}
@@ -72,7 +72,7 @@ func (l *Login) handleRegisterCheck(w http.ResponseWriter, r *http.Request) {
func (l *Login) renderRegister(w http.ResponseWriter, r *http.Request, authRequest *model.AuthRequest, formData *registerFormData, err error) {
var errType, errMessage string
if err != nil {
errMessage = err.Error()
errMessage = l.getErrorMessage(r, err)
}
if formData == nil {
formData = new(registerFormData)

21
internal/login/handler/renderer.go
View File

@@ -1,9 +1,10 @@
package handler
import (
"errors"
"fmt"
"github.com/caos/zitadel/internal/auth_request/model"
"github.com/caos/zitadel/internal/errors"
caos_errs "github.com/caos/zitadel/internal/errors"
"github.com/caos/zitadel/internal/i18n"
"github.com/caos/zitadel/internal/renderer"
"net/http"
@@ -116,10 +117,10 @@ func CreateRenderer(staticDir http.FileSystem, cookieName string, defaultLanguag
func (l *Login) renderNextStep(w http.ResponseWriter, r *http.Request, authReq *model.AuthRequest) {
authReq, err := l.authRepo.AuthRequestByID(r.Context(), authReq.ID)
if err != nil {
l.renderInternalError(w, r, authReq, errors.ThrowInternal(nil, "APP-sio0W", "could not get authreq"))
l.renderInternalError(w, r, authReq, caos_errs.ThrowInternal(nil, "APP-sio0W", "could not get authreq"))
}
if len(authReq.PossibleSteps) == 0 {
l.renderInternalError(w, r, authReq, errors.ThrowInternal(nil, "APP-9sdp4", "no possible steps"))
l.renderInternalError(w, r, authReq, caos_errs.ThrowInternal(nil, "APP-9sdp4", "no possible steps"))
return
}
l.chooseNextStep(w, r, authReq, 0, nil)
@@ -127,7 +128,7 @@ func (l *Login) renderNextStep(w http.ResponseWriter, r *http.Request, authReq *
func (l *Login) renderError(w http.ResponseWriter, r *http.Request, authReq *model.AuthRequest, err error) {
if authReq == nil || len(authReq.PossibleSteps) == 0 {
l.renderInternalError(w, r, authReq, errors.ThrowInternal(err, "APP-OVOiT", "no possible steps"))
l.renderInternalError(w, r, authReq, caos_errs.ThrowInternal(err, "APP-OVOiT", "no possible steps"))
return
}
l.chooseNextStep(w, r, authReq, 0, err)
@@ -164,7 +165,7 @@ func (l *Login) chooseNextStep(w http.ResponseWriter, r *http.Request, authReq *
case *model.InitUserStep:
l.renderInitUser(w, r, authReq, "", "", nil)
default:
l.renderInternalError(w, r, authReq, errors.ThrowInternal(nil, "APP-ds3QF", "step no possible"))
l.renderInternalError(w, r, authReq, caos_errs.ThrowInternal(nil, "APP-ds3QF", "step no possible"))
}
}
@@ -191,6 +192,16 @@ func (l *Login) getBaseData(r *http.Request, authReq *model.AuthRequest, title s
}
}
func (l *Login) getErrorMessage(r *http.Request, err error) (errMsg string) {
caosErr := new(caos_errs.CaosError)
if errors.As(err, &caosErr) {
localized := l.renderer.LocalizeFromRequest(r, caosErr.Message, nil)
return localized + " (" + caosErr.ID + ")"
}
return err.Error()
}
func (l *Login) getTheme(r *http.Request) string {
return "zitadel" //TODO: impl
}

3
internal/login/handler/select_user_handler.go
View File

@@ -14,9 +14,8 @@ type userSelectionFormData struct {
}
func (l *Login) renderUserSelection(w http.ResponseWriter, r *http.Request, authReq *model.AuthRequest, selectionData *model.SelectUserStep) {
var errType, errMessage string
data := userSelectionData{
baseData: l.getBaseData(r, authReq, "Select User", errType, errMessage),
baseData: l.getBaseData(r, authReq, "Select User", "", ""),
Users: selectionData.Users,
}
l.renderer.RenderTemplate(w, r, l.renderer.Templates[tmplUserSelection], data, nil)