Page MenuHomekolab.org

Don't call userResponse() on failed login
ClosedPublic

Authored by machniak on Feb 3 2022, 3:52 PM.

Details

Reviewers
mollekopf
Group Reviewers
Restricted Project
Commits
rK60f8cfed258b: Don't call userResponse() on failed login
Test Plan

./phpunit

Diff Detail

Repository
rK kolab
Lint
Automatic diff as part of commit; lint not applicable.
Unit
Automatic diff as part of commit; unit tests not applicable.

Event Timeline

machniak requested review of this revision.Feb 3 2022, 3:52 PM
machniak created this revision.
mollekopf added inline comments.
src/app/Http/Controllers/API/AuthController.php
171

If the idea is that we don't call userResponse if the $user == null in a failed login case, should we then not also not set the status to 'success' ?
I could be on the wrong track because I don't really recall how exactly this is being called in the first place.

machniak added inline comments.Feb 15 2022, 6:05 PM
src/app/Http/Controllers/API/AuthController.php
171

This might be hard to see as it ended up being quite a refactoring. We had one instance where we called userResponse() before respondWithToken(). If you consider respondWithToken() could "respond" with an error (on auth failure) the heavy userResponse() call was redundant. Now we do this only on a successful response.

mollekopf accepted this revision.Feb 22 2022, 10:18 AM
This revision is now accepted and ready to land.Feb 22 2022, 10:18 AM
This revision was automatically updated to reflect the committed changes.