better error messages for 401

2021-06-05 21:26:43 -07:00
parent eb16e8a8ee
commit b579f7ae90
2 changed files with 7 additions and 7 deletions
@@ -17,13 +17,13 @@ async function verifyToken(accessToken) {
    assert.strictEqual(typeof accessToken, 'string');

    const token = await tokens.getByAccessToken(accessToken);
-    if (!token) throw new BoxError(BoxError.INVALID_CREDENTIALS);
+    if (!token) throw new BoxError(BoxError.INVALID_CREDENTIALS, 'No such token');

    const [error, user] = await safe(userGet(token.identifier));
-    if (error && error.reason === BoxError.NOT_FOUND) throw new BoxError(BoxError.INVALID_CREDENTIALS);
+    if (error && error.reason === BoxError.NOT_FOUND) throw new BoxError(BoxError.INVALID_CREDENTIALS, 'User not found');
    if (error) throw error;

-    if (!user.active) throw new BoxError(BoxError.INVALID_CREDENTIALS);
+    if (!user.active) throw new BoxError(BoxError.INVALID_CREDENTIALS, 'User not active');

    await safe(tokens.update(token.id, { lastUsedTime: new Date() })); // ignore any error