
onasty @ 49ba283

a one-time notes service
5 files changed, 7 insertions(+), 10 deletions(-)
fix: don't return "wrong credentials" (#201)

Author: Oleksandr Smirnov olexsmir@gmail.com
Committed by: GitHub noreply@github.com
Committed at: 2025-08-31 19:22:27 +0300
Parent: e9424c1
M e2e/apiv1_auth_test.go

@@ -227,14 +227,14 @@ name: "wrong email",

email: "wrong@email.com", password: e.uuid(), expectedCode: http.StatusBadRequest, - expectedMsg: models.ErrUserWrongCredentials.Error(), + expectedMsg: models.ErrUserNotFound.Error(), }, { name: "wrong password", email: email, password: "wrong-wrong", expectedCode: http.StatusBadRequest, - expectedMsg: models.ErrUserWrongCredentials.Error(), + expectedMsg: models.ErrUserNotFound.Error(), }, }

@@ -381,7 +381,7 @@ e.Equal(http.StatusBadRequest, httpResp.Code)

var body errorResponse e.readBodyAndUnjsonify(httpResp.Body, &body) - e.Equal(models.ErrUserWrongCredentials.Error(), body.Message) + e.Equal(models.ErrUserNotFound.Error(), body.Message) userDB := e.getUserByEmail(email)
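Review bot: The "wrong email" and "wrong password" cases in the first hunk now expect the same code and message, but nothing in the table says that this equality is the property under test. A comment above the two cases would keep a later edit from making them differ again, for example `// both cases must produce the same response so sign-in does not reveal whether the email is registered`. The table and the test function around it start and end outside the hunk.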
M internal/models/user.go

@@ -11,13 +11,11 @@

var ( ErrUserEmailIsAlreadyInUse = errors.New("user: email is already in use") ErrUserIsAlreadyVerified = errors.New("user: user is already verified") + ErrUserIsNotActivated = errors.New("user: user is not activated") + ErrUserNotFound = errors.New("user: not found") ErrResetPasswordTokenAlreadyUsed = errors.New("reset password token is already used") ErrVerificationTokenNotFound = errors.New("user: verification token not found") - ErrUserIsNotActivated = errors.New("user: user is not activated") - - ErrUserNotFound = errors.New("user: not found") - ErrUserWrongCredentials = errors.New("user: wrong credentials") ErrUserInvalidEmail = errors.New("user: invalid email") ErrUserInvalidPassword = errors.New("user: password too short, minimum 6 chars")
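Review bot: `ErrUserNotFound` now covers both an unknown account and a password mismatch, and the var block does not record that, so a later change could reintroduce a separate credentials error. A comment on the declaration would document the intent, for example `// ErrUserNotFound is also returned on a password mismatch so that responses do not reveal whether an account exists.` The e2e tests assert this error's text as the response message, so the string reaches clients. A neutral wording may be worth considering, since "user: not found" is misleading to a legitimate user who mistyped a password.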
M internal/service/authsrv/authsrv.go

@@ -171,7 +171,7 @@ }

if err = a.hasher.Compare(user.Password, inp.Password); err != nil { if errors.Is(err, hasher.ErrMismatchedHashes) { - return dtos.Tokens{}, models.ErrUserWrongCredentials + return dtos.Tokens{}, models.ErrUserNotFound } return dtos.Tokens{}, err }
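Review bot: The uniform error makes the two failure messages identical, but this sign-in path may still differ in timing. `a.hasher.Compare` runs only after a user record has been loaded. If the lookup above this hunk returns early for an unknown email (that code is not visible here), the unknown-email response skips the hashing work and can be told apart by latency. Consider running the comparison against a fixed dummy hash when the lookup fails, so both paths do the same work. A comment on the changed return would also help, for example `// same error as an unknown email: do not reveal whether the account exists`.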
M internal/service/usersrv/usersrv.go

@@ -116,7 +116,7 @@ return err

} if err = u.hasher.Compare(user.Password, inp.CurrentPassword); err != nil { - return models.ErrUserWrongCredentials + return models.ErrUserNotFound } newPass, err := u.hasher.Hash(inp.NewPassword)
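Review bot: In this password-change branch every error from `u.hasher.Compare` is reported as `models.ErrUserNotFound`, while the sign-in path in authsrv.go maps only `hasher.ErrMismatchedHashes` and returns other errors unchanged. response.go lists `ErrUserNotFound` with the client-facing errors, so an internal hasher failure here would appear to be answered as a bad request rather than surfaced as a server fault. To match authsrv, use `if errors.Is(err, hasher.ErrMismatchedHashes) { return models.ErrUserNotFound }` followed by `return err`, assuming the hasher package can be imported here. The caller in this flow presumably already holds a session, so a "not found" message for a wrong current password hides nothing and may confuse the user. The enclosing function starts and ends outside the hunk.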
M internal/transport/http/apiv1/response.go

@@ -28,7 +28,6 @@ errors.Is(err, models.ErrUserIsNotActivated) ||

errors.Is(err, models.ErrUserInvalidEmail) || errors.Is(err, models.ErrUserInvalidPassword) || errors.Is(err, models.ErrUserNotFound) || - errors.Is(err, models.ErrUserWrongCredentials) || // notes errors.Is(err, notesrv.ErrNotePasswordNotProvided) || errors.Is(err, models.ErrNoteContentIsEmpty) ||