From 6b359b77960825ebc4f1238ac363fb8ca9ca1277 Mon Sep 17 00:00:00 2001 From: zadam Date: Fri, 29 May 2020 22:06:36 +0200 Subject: [PATCH] return 401 when auth request is out of sync, closes #1056 --- src/routes/api/login.js | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/src/routes/api/login.js b/src/routes/api/login.js index 6bca0212a..2bd88efec 100644 --- a/src/routes/api/login.js +++ b/src/routes/api/login.js @@ -16,7 +16,7 @@ const ApiToken = require('../../entities/api_token'); async function loginSync(req) { if (!await sqlInit.schemaExists()) { - return [400, { message: "DB schema does not exist, can't sync." }]; + return [500, { message: "DB schema does not exist, can't sync." }]; } const timestampStr = req.body.timestamp; @@ -27,7 +27,7 @@ async function loginSync(req) { // login token is valid for 5 minutes if (Math.abs(timestamp.getTime() - now.getTime()) > 5 * 60 * 1000) { - return [400, { message: 'Auth request time is out of sync, please check that both client and server have correct time.' }]; + return [401, { message: 'Auth request time is out of sync, please check that both client and server have correct time.' }]; } const syncVersion = req.body.syncVersion; @@ -102,4 +102,4 @@ module.exports = { loginSync, loginToProtectedSession, token -}; \ No newline at end of file +};