192: Code 403 if logging with incorrect password

[IgorMaksymov]

connect to #192

[vaa25]

@IgorMaksymov Why 403?

[IgorMaksymov]

@vaa25 trying to acces restricted area. or its better to 401? or 400?

[vaa25]

@IgorMaksymov I think 404 is better, the same as with wrong otp

[IgorMaksymov]

@vaa25 broken link is not incorrect login

[IgorMaksymov]

@vaa25 i think, that we need to throw EntityNotFound exception if login/password incorrect, not telling what exactly is incorrect.

[IgorMaksymov]

@vaa25 should we remove InvalidPasswordException and change it to EntityNotFound with message "user or password incorrect"?

[vaa25]

@IgorMaksymov do as @alex-anakin said at tonight meeting. One exception for both login and password fails.

[IgorMaksymov]

@vaa25 @alex-anakin said that 401 is correct code

[romach]

@IgorMaksymov need to merge master

[IgorMaksymov]

@romach fixed, but this branch has no conflicts with master, it is faster and easier to merge by yourself, than waiting for me.

[vkuchyn]

@IgorMaksymov it is best practices before PR merge master into feature branch. It will prevent from lots of problems in future. It is responsibility of developer, not reviewer. So, for future - please keep in mind this point

[IgorMaksymov]

@vkuchyn yes, i merge my branch with master before PR. Idea was to merge master into feature branch by reviewer if it has no conflict with master. If there is some conflicts - author solves them by himself.

[vkuchyn]

@IgorMaksymov I am not agree with your point. Only author of the branch is responsible to do some changes. If master was updated when issue was in review and no conflicts - ok, could happen. But keep in mind - every time you do some changes to branch - check if there are no any updates from master and merge them if so

[IgorMaksymov]

@vkuchyn ok, i will merge master even if there is no conflicts before making new commits to PR. we need to add this to workflow

[romach]

@AndriyBaibak 30 minutes spent