Catch any unexpected error during login and return 403 (#76)

2025-12-21 17:33:29 +01:00 · 2021-11-08 17:26:09 +11:00
parent c804627a0a
commit bb4172acf4
2 changed files with 41 additions and 13 deletions
--- a/src/server.ts
+++ b/src/server.ts
@@ -219,28 +219,35 @@ function server(
    const lang = langFor(req);
    const { username, password, linkCode } = req.body;
    if (!linkCodes.has(linkCode)) {
-      res.status(400).render("failure", {
+      return res.status(400).render("failure", {
        lang,
        message: lang("invalidLinkCode"),
      });
    } else {
-      const authResult = await musicService.generateToken({
+      return musicService.generateToken({
        username,
        password,
-      });
-      if (isSuccess(authResult)) {
-        linkCodes.associate(linkCode, authResult);
-        res.render("success", {
-          lang,
-          message: lang("loginSuccessful"),
-        });
-      } else {
-        res.status(403).render("failure", {
+      }).then(authResult => {
+        if (isSuccess(authResult)) {
+          linkCodes.associate(linkCode, authResult);
+          return res.render("success", {
+            lang,
+            message: lang("loginSuccessful"),
+          });
+        } else {
+          return res.status(403).render("failure", {
+            lang,
+            message: lang("loginFailed"),
+            cause: authResult.message,
+          });
+        }
+      }).catch(e => {
+        return res.status(403).render("failure", {
          lang,
          message: lang("loginFailed"),
-          cause: authResult.message,
+          cause: `Unexpected error occured - ${e}`,
        });
-      }
+      });
    }
  });

--- a/tests/server.test.ts
+++ b/tests/server.test.ts
@@ -680,6 +680,27 @@ describe("server", () => {
          });
        });

+        describe("when an unexpected failure occurs", () => {
+          it("should return 403 with message", async () => {
+            const username = "userDoesntExist";
+            const password = "password";
+            const linkCode = uuid();
+
+            linkCodes.has.mockReturnValue(true);
+            musicService.generateToken.mockRejectedValue("BOOOOOOM");
+
+            const res = await request(server)
+              .post(bonobUrl.append({ pathname: "/login" }).pathname())
+              .set("accept-language", acceptLanguage)
+              .type("form")
+              .send({ username, password, linkCode })
+              .expect(403);
+
+            expect(res.text).toContain(lang("loginFailed"));
+            expect(res.text).toContain('Unexpected error occured - BOOOOOOM');
+          });
+        });
+
        describe("when linkCode is invalid", () => {
          it("should return 400 with message", async () => {
            const username = "jane";