Send forbidden codes when doing login attempts.

This commit is contained in:
Kegan Dougal 2014-08-14 14:29:01 +01:00
parent 0fa05ea331
commit 5a5f37ca17

View File

@ -16,7 +16,7 @@
from twisted.internet import defer from twisted.internet import defer
from ._base import BaseHandler from ._base import BaseHandler
from synapse.api.errors import LoginError from synapse.api.errors import LoginError, Codes
import bcrypt import bcrypt
import logging import logging
@ -51,7 +51,7 @@ class LoginHandler(BaseHandler):
user_info = yield self.store.get_user_by_id(user_id=user) user_info = yield self.store.get_user_by_id(user_id=user)
if not user_info: if not user_info:
logger.warn("Attempted to login as %s but they do not exist.", user) logger.warn("Attempted to login as %s but they do not exist.", user)
raise LoginError(403, "") raise LoginError(403, "", errcode=Codes.FORBIDDEN)
stored_hash = user_info[0]["password_hash"] stored_hash = user_info[0]["password_hash"]
if bcrypt.checkpw(password, stored_hash): if bcrypt.checkpw(password, stored_hash):
@ -62,4 +62,4 @@ class LoginHandler(BaseHandler):
defer.returnValue(token) defer.returnValue(token)
else: else:
logger.warn("Failed password login for user %s", user) logger.warn("Failed password login for user %s", user)
raise LoginError(403, "") raise LoginError(403, "", errcode=Codes.FORBIDDEN)