diff --git a/packages/backend/src/server/api/endpoints/i/2fa/key-done.ts b/packages/backend/src/server/api/endpoints/i/2fa/key-done.ts index 77c4351cb..cf9310cc1 100644 --- a/packages/backend/src/server/api/endpoints/i/2fa/key-done.ts +++ b/packages/backend/src/server/api/endpoints/i/2fa/key-done.ts @@ -26,6 +26,12 @@ export const meta = { id: '0d7ec6d2-e652-443e-a7bf-9ee9a0cd77b0', }, + authenticationFailed: { + message: 'Authentication failed.', + code: 'AUTHENTICATION_FAILED', + id: '7b7b1e88-c569-4873-9676-25c5717ace4e', + }, + twoFactorNotEnabled: { message: '2fa not enabled.', code: 'TWO_FACTOR_NOT_ENABLED', @@ -71,14 +77,10 @@ export default class extends Endpoint { if (profile.twoFactorEnabled) { const token = ps.token; if (token == null) { - throw new Error('authentication failed'); + throw new ApiError(meta.errors.authenticationFailed); } - try { - await this.userAuthService.twoFactorAuthenticate(profile, token); - } catch (e) { - throw new Error('authentication failed'); - } + await this.userAuthService.twoFactorAuthenticate(profile, token); } else { throw new ApiError(meta.errors.twoFactorNotEnabled); } diff --git a/packages/backend/src/server/api/endpoints/i/2fa/register-key.ts b/packages/backend/src/server/api/endpoints/i/2fa/register-key.ts index 66cb69d46..88e645760 100644 --- a/packages/backend/src/server/api/endpoints/i/2fa/register-key.ts +++ b/packages/backend/src/server/api/endpoints/i/2fa/register-key.ts @@ -30,6 +30,12 @@ export const meta = { id: '38769596-efe2-4faf-9bec-abbb3f2cd9ba', }, + authenticationFailed: { + message: 'Authentication failed.', + code: 'AUTHENTICATION_FAILED', + id: 'a7628591-668b-47b2-919f-d986b22af06a', + }, + twoFactorNotEnabled: { message: '2fa not enabled.', code: 'TWO_FACTOR_NOT_ENABLED', @@ -77,14 +83,10 @@ export default class extends Endpoint { if (profile.twoFactorEnabled) { const token = ps.token; if (token == null) { - throw new Error('authentication failed'); + throw new ApiError(meta.errors.authenticationFailed); } - try { - await this.userAuthService.twoFactorAuthenticate(profile, token); - } catch (e) { - throw new Error('authentication failed'); - } + await this.userAuthService.twoFactorAuthenticate(profile, token); } else { throw new ApiError(meta.errors.twoFactorNotEnabled); } diff --git a/packages/backend/src/server/api/endpoints/i/2fa/register.ts b/packages/backend/src/server/api/endpoints/i/2fa/register.ts index 160af7a35..cb7762433 100644 --- a/packages/backend/src/server/api/endpoints/i/2fa/register.ts +++ b/packages/backend/src/server/api/endpoints/i/2fa/register.ts @@ -25,6 +25,12 @@ export const meta = { code: 'INCORRECT_PASSWORD', id: '78d6c839-20c9-4c66-b90a-fc0542168b48', }, + + authenticationFailed: { + message: 'Authentication failed.', + code: 'AUTHENTICATION_FAILED', + id: 'e428f177-c6ae-4e91-9c7e-334b1836f9aa', + }, }, } as const; @@ -59,14 +65,10 @@ export default class extends Endpoint { // eslint- if (profile.twoFactorEnabled) { const token = ps.token; if (token == null) { - throw new Error('authentication failed'); + throw new ApiError(meta.errors.authenticationFailed); } - try { - await this.userAuthService.twoFactorAuthenticate(profile, token); - } catch (e) { - throw new Error('authentication failed'); - } + await this.userAuthService.twoFactorAuthenticate(profile, token); } // Generate user's secret key diff --git a/packages/backend/src/server/api/endpoints/i/2fa/remove-key.ts b/packages/backend/src/server/api/endpoints/i/2fa/remove-key.ts index 3e2a3c7d3..c185ad2f7 100644 --- a/packages/backend/src/server/api/endpoints/i/2fa/remove-key.ts +++ b/packages/backend/src/server/api/endpoints/i/2fa/remove-key.ts @@ -24,6 +24,12 @@ export const meta = { code: 'INCORRECT_PASSWORD', id: '141c598d-a825-44c8-9173-cfb9d92be493', }, + + authenticationFailed: { + message: 'Authentication failed.', + code: 'AUTHENTICATION_FAILED', + id: '724bcf94-1f52-4c57-ad40-4f7fbbf6ce87', + }, }, } as const; @@ -61,14 +67,10 @@ export default class extends Endpoint { // eslint- if (profile.twoFactorEnabled) { const token = ps.token; if (token == null) { - throw new Error('authentication failed'); + throw new ApiError(meta.errors.authenticationFailed); } - try { - await this.userAuthService.twoFactorAuthenticate(profile, token); - } catch (e) { - throw new Error('authentication failed'); - } + await this.userAuthService.twoFactorAuthenticate(profile, token); } // Make sure we only delete the user's own creds diff --git a/packages/backend/src/server/api/endpoints/i/2fa/unregister.ts b/packages/backend/src/server/api/endpoints/i/2fa/unregister.ts index c008a983b..fe0cbbc3c 100644 --- a/packages/backend/src/server/api/endpoints/i/2fa/unregister.ts +++ b/packages/backend/src/server/api/endpoints/i/2fa/unregister.ts @@ -24,6 +24,12 @@ export const meta = { code: 'INCORRECT_PASSWORD', id: '7add0395-9901-4098-82f9-4f67af65f775', }, + + authenticationFailed: { + message: 'Authentication failed.', + code: 'AUTHENTICATION_FAILED', + id: '1b99d9c1-629c-41f9-9315-b27ee876f498', + }, }, } as const; @@ -57,14 +63,10 @@ export default class extends Endpoint { // eslint- if (profile.twoFactorEnabled) { const token = ps.token; if (token == null) { - throw new Error('authentication failed'); + throw new ApiError(meta.errors.authenticationFailed); } - try { - await this.userAuthService.twoFactorAuthenticate(profile, token); - } catch (e) { - throw new Error('authentication failed'); - } + await this.userAuthService.twoFactorAuthenticate(profile, token); } await this.userProfilesRepository.update(me.id, { diff --git a/packages/backend/src/server/api/endpoints/i/change-password.ts b/packages/backend/src/server/api/endpoints/i/change-password.ts index d5042d756..a76d4f575 100644 --- a/packages/backend/src/server/api/endpoints/i/change-password.ts +++ b/packages/backend/src/server/api/endpoints/i/change-password.ts @@ -9,11 +9,26 @@ import { Endpoint } from '@/server/api/endpoint-base.js'; import type { UserProfilesRepository } from '@/models/_.js'; import { DI } from '@/di-symbols.js'; import { UserAuthService } from '@/core/UserAuthService.js'; +import { ApiError } from '@/server/api/error.js'; export const meta = { requireCredential: true, secure: true, + + errors: { + incorrectPassword: { + message: 'Incorrect password.', + code: 'INCORRECT_PASSWORD', + id: 'f5bcd508-adcf-40b1-9031-2e944a5d8390', + }, + + authenticationFailed: { + message: 'Authentication failed.', + code: 'AUTHENTICATION_FAILED', + id: '97fee157-34eb-4b0d-8fc3-375d0040f807', + }, + }, } as const; export const paramDef = { @@ -39,20 +54,16 @@ export default class extends Endpoint { // eslint- const passwordMatched = await bcrypt.compare(ps.currentPassword, profile.password!); if (!passwordMatched) { - throw new Error('incorrect password'); + throw new ApiError(meta.errors.incorrectPassword); } if (profile.twoFactorEnabled) { const token = ps.token; if (token == null) { - throw new Error('authentication failed'); + throw new ApiError(meta.errors.authenticationFailed); } - try { - await this.userAuthService.twoFactorAuthenticate(profile, token); - } catch (e) { - throw new Error('authentication failed'); - } + await this.userAuthService.twoFactorAuthenticate(profile, token); } // Generate hash of password diff --git a/packages/backend/src/server/api/endpoints/i/delete-account.ts b/packages/backend/src/server/api/endpoints/i/delete-account.ts index 9c08863ae..fc66a67f2 100644 --- a/packages/backend/src/server/api/endpoints/i/delete-account.ts +++ b/packages/backend/src/server/api/endpoints/i/delete-account.ts @@ -10,12 +10,27 @@ import { Endpoint } from '@/server/api/endpoint-base.js'; import { DeleteAccountService } from '@/core/DeleteAccountService.js'; import { DI } from '@/di-symbols.js'; import { UserAuthService } from '@/core/UserAuthService.js'; +import { ApiError } from '@/server/api/error.js'; export const meta = { requireCredential: true, requireRolePolicy: 'canDeleteContent', secure: true, + + errors: { + incorrectPassword: { + message: 'Incorrect password.', + code: 'INCORRECT_PASSWORD', + id: '44326b04-08ea-4525-b01c-98cc117bdd2a', + }, + + authenticationFailed: { + message: 'Authentication failed.', + code: 'AUTHENTICATION_FAILED', + id: 'ea791cff-63e7-4b2a-92fc-646ab641794e', + }, + }, } as const; export const paramDef = { @@ -49,20 +64,16 @@ export default class extends Endpoint { // eslint- const passwordMatched = await bcrypt.compare(ps.password, profile.password!); if (!passwordMatched) { - throw new Error('incorrect password'); + throw new ApiError(meta.errors.incorrectPassword); } if (profile.twoFactorEnabled) { const token = ps.token; if (token == null) { - throw new Error('authentication failed'); + throw new ApiError(meta.errors.authenticationFailed); } - try { - await this.userAuthService.twoFactorAuthenticate(profile, token); - } catch (e) { - throw new Error('authentication failed'); - } + await this.userAuthService.twoFactorAuthenticate(profile, token); } await this.deleteAccountService.deleteAccount(me); diff --git a/packages/backend/src/server/api/endpoints/i/update-email.ts b/packages/backend/src/server/api/endpoints/i/update-email.ts index 55bd402f2..7dbb6ce85 100644 --- a/packages/backend/src/server/api/endpoints/i/update-email.ts +++ b/packages/backend/src/server/api/endpoints/i/update-email.ts @@ -35,6 +35,12 @@ export const meta = { id: 'e54c1d7e-e7d6-4103-86b6-0a95069b4ad3', }, + authenticationFailed: { + message: 'Authentication failed.', + code: 'AUTHENTICATION_FAILED', + id: 'ef9323ea-8451-4f7a-8f35-4b1ee014d9b7', + }, + unavailable: { message: 'Unavailable email address.', code: 'UNAVAILABLE', @@ -78,14 +84,10 @@ export default class extends Endpoint { // eslint- if (profile.twoFactorEnabled) { const token = ps.token; if (token == null) { - throw new Error('authentication failed'); + throw new ApiError(meta.errors.authenticationFailed); } - try { - await this.userAuthService.twoFactorAuthenticate(profile, token); - } catch (e) { - throw new Error('authentication failed'); - } + await this.userAuthService.twoFactorAuthenticate(profile, token); } if (ps.email != null) {