boxerror: always pass second error string
This commit is contained in:
@@ -344,7 +344,7 @@ async function verifyAppPassword(userId, password, identifier) {
|
||||
|
||||
if (hashedPasswords.includes(hash)) return;
|
||||
|
||||
throw new BoxError(BoxError.INVALID_CREDENTIALS);
|
||||
throw new BoxError(BoxError.INVALID_CREDENTIALS, 'Password is not valid');
|
||||
}
|
||||
|
||||
// identifier is only used to check if password is valid for a specific app
|
||||
@@ -881,7 +881,7 @@ async function setTwoFactorAuthenticationSecret(user, auditSource) {
|
||||
|
||||
if (constants.DEMO && user.username === constants.DEMO_USERNAME) throw new BoxError(BoxError.BAD_STATE, 'Not allowed in demo mode');
|
||||
|
||||
if (user.twoFactorAuthenticationEnabled) throw new BoxError(BoxError.ALREADY_EXISTS);
|
||||
if (user.twoFactorAuthenticationEnabled) throw new BoxError(BoxError.ALREADY_EXISTS, '2FA is already enabled');
|
||||
|
||||
const { fqdn:dashboardFqdn } = await dashboard.getLocation();
|
||||
const secret = speakeasy.generateSecret({ name: `Cloudron ${dashboardFqdn} (${user.username})` });
|
||||
@@ -903,9 +903,9 @@ async function enableTwoFactorAuthentication(user, totpToken, auditSource) {
|
||||
if (user.source === 'ldap' && externalLdap.supports2FA(externalLdapConfig)) throw new BoxError(BoxError.BAD_STATE, 'Cannot enable 2FA of external auth user');
|
||||
|
||||
const verified = speakeasy.totp.verify({ secret: user.twoFactorAuthenticationSecret, encoding: 'base32', token: totpToken, window: 2 });
|
||||
if (!verified) throw new BoxError(BoxError.INVALID_CREDENTIALS);
|
||||
if (!verified) throw new BoxError(BoxError.INVALID_CREDENTIALS, 'Invalid 2FA code');
|
||||
|
||||
if (user.twoFactorAuthenticationEnabled) throw new BoxError(BoxError.ALREADY_EXISTS);
|
||||
if (user.twoFactorAuthenticationEnabled) throw new BoxError(BoxError.ALREADY_EXISTS, '2FA already enabled');
|
||||
|
||||
await update(user, { twoFactorAuthenticationEnabled: true }, auditSource);
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user