aboutsummaryrefslogtreecommitdiffhomepage
path: root/server/middlewares
diff options
context:
space:
mode:
Diffstat (limited to 'server/middlewares')
-rw-r--r--server/middlewares/oauth.ts6
-rw-r--r--server/middlewares/user-right.ts10
-rw-r--r--server/middlewares/validators/follows.ts6
3 files changed, 18 insertions, 4 deletions
diff --git a/server/middlewares/oauth.ts b/server/middlewares/oauth.ts
index e59168ea8..12872c4a5 100644
--- a/server/middlewares/oauth.ts
+++ b/server/middlewares/oauth.ts
@@ -17,7 +17,11 @@ function authenticate (req: express.Request, res: express.Response, next: expres
17 return res.sendStatus(500) 17 return res.sendStatus(500)
18 } 18 }
19 19
20 if (res.statusCode === 401 || res.statusCode === 400 || res.statusCode === 503) return res.end() 20 if (res.statusCode === 401 || res.statusCode === 400 || res.statusCode === 503) {
21 return res.json({
22 error: 'Authentication failed.'
23 }).end()
24 }
21 25
22 return next() 26 return next()
23 }) 27 })
diff --git a/server/middlewares/user-right.ts b/server/middlewares/user-right.ts
index 5bb5bdfbd..7cea7aa1e 100644
--- a/server/middlewares/user-right.ts
+++ b/server/middlewares/user-right.ts
@@ -8,8 +8,14 @@ function ensureUserHasRight (userRight: UserRight) {
8 return function (req: express.Request, res: express.Response, next: express.NextFunction) { 8 return function (req: express.Request, res: express.Response, next: express.NextFunction) {
9 const user = res.locals.oauth.token.user as UserModel 9 const user = res.locals.oauth.token.user as UserModel
10 if (user.hasRight(userRight) === false) { 10 if (user.hasRight(userRight) === false) {
11 logger.info('User %s does not have right %s to access to %s.', user.username, UserRight[userRight], req.path) 11 const message = `User ${user.username} does not have right ${UserRight[userRight]} to access to ${req.path}.`
12 return res.sendStatus(403) 12 logger.info(message)
13
14 return res.status(403)
15 .json({
16 error: message
17 })
18 .end()
13 } 19 }
14 20
15 return next() 21 return next()
diff --git a/server/middlewares/validators/follows.ts b/server/middlewares/validators/follows.ts
index 7dadf6a19..991a2e175 100644
--- a/server/middlewares/validators/follows.ts
+++ b/server/middlewares/validators/follows.ts
@@ -41,7 +41,11 @@ const removeFollowingValidator = [
41 const follow = await ActorFollowModel.loadByActorAndTargetHost(serverActor.id, req.params.host) 41 const follow = await ActorFollowModel.loadByActorAndTargetHost(serverActor.id, req.params.host)
42 42
43 if (!follow) { 43 if (!follow) {
44 return res.status(404) 44 return res
45 .status(404)
46 .json({
47 error: `Follower ${req.params.host} not found.`
48 })
45 .end() 49 .end()
46 } 50 }
47 51