better status code: on invalid credentials return 422 instead of 400 …

…now. added tests
wangdeer · Sep 29, 2021 · 09ef067 · 09ef067
1 parent 2897616
commit 09ef067
Show file tree

Hide file tree

Showing 3 changed files with 17 additions and 8 deletions.
diff --git a/app/Containers/AppSection/Authentication/Exceptions/LoginFailedException.php b/app/Containers/AppSection/Authentication/Exceptions/LoginFailedException.php
@@ -7,6 +7,6 @@
 
 class LoginFailedException extends Exception
 {
-    protected $code = Response::HTTP_BAD_REQUEST;
+    protected $code = Response::HTTP_UNPROCESSABLE_ENTITY;
     protected $message = 'An Exception happened during the Login Process.';
 }
diff --git a/app/Containers/AppSection/Authentication/Tasks/CallOAuthServerTask.php b/app/Containers/AppSection/Authentication/Tasks/CallOAuthServerTask.php
@@ -30,7 +30,7 @@ public function run(array $data, string $languageHeader = null): float|object|in
 
         // If the internal request to the oauth token endpoint was not successful we throw an exception
         if (!$response->isSuccessful()) {
-            throw new LoginFailedException($content['message'], $response->getStatusCode());
+            throw new LoginFailedException($content['message']);
         }
 
         return $content;

diff --git a/...iners/AppSection/Authentication/UI/API/Tests/Functional/ApiLoginProxyForWebClientTest.php b/...iners/AppSection/Authentication/UI/API/Tests/Functional/ApiLoginProxyForWebClientTest.php
@@ -21,8 +21,7 @@ public function testClientWebAdminProxyLogin(): void
             'email' => '[email protected]',
             'password' => 'testingpass',
         ];
-        $user = $this->getTestingUser($data);
-        $this->actingAs($user, 'web');
+        $this->getTestingUser($data);
 
         $response = $this->makeCall($data);
 
@@ -40,8 +39,7 @@ public function testClientWebAdminProxyUnconfirmedLogin(): void
             'password' => 'testingpass',
             'email_verified_at' => null,
         ];
-        $user = $this->getTestingUser($data);
-        $this->actingAs($user, 'web');
+        $this->getTestingUser($data);
 
         $response = $this->makeCall($data);
 
@@ -59,8 +57,7 @@ public function testLoginWithNameAttribute(): void
             'password' => 'testingpass',
             'name' => 'username',
         ];
-        $user = $this->getTestingUser($data);
-        $this->actingAs($user, 'web');
+        $this->getTestingUser($data);
         $this->setLoginAttributes([
             'email' => [],
             'name' => [],
@@ -117,4 +114,16 @@ public function testGivenMultipleLoginAttributeIsSetThenAtLeastOneShouldBeRequir
             'name' => 'The name field is required when none of email are present.',
         ]);
     }
+
+    public function testGivenWrongCredential_Throw422(): void
+    {
+        $data = [
+            'email' => '[email protected]',
+            'password' => 'some-unbelievable-password',
+        ];
+
+        $response = $this->makeCall($data);
+
+        $response->assertStatus(422);
+    }
 }