Describe the bug
You are able to login using made up credentials. No error message is shown to the user if the user they are trying to login as does not exist.
Test cases
N/A - Identified when reviewing PR #64
When running the forked repo from PR #64 I discovered this bug:
JsonWebTokenError: jwt malformed
at module.exports [as verify] (C:\Users\lucae\OneDrive - The University of Auckland\Desktop\UOA\2023\SOFTENG310\a2-alex\W.A.K\server\node_modules\jsonwebtoken\verify.js:70:17)
at requireAuth (C:\Users\lucae\OneDrive - The University of Auckland\Desktop\UOA\2023\SOFTENG310\a2-alex\W.A.K\server\src\middleware\requireAuth.js:14:27)
at Layer.handle [as handle_request] (C:\Users\lucae\OneDrive - The University of Auckland\Desktop\UOA\2023\SOFTENG310\a2-alex\W.A.K\server\node_modules\express\lib\router\layer.js:95:5)
at next (C:\Users\lucae\OneDrive - The University of Auckland\Desktop\UOA\2023\SOFTENG310\a2-alex\W.A.K\server\node_modules\express\lib\router\route.js:144:13)
at Route.dispatch (C:\Users\lucae\OneDrive - The University of Auckland\Desktop\UOA\2023\SOFTENG310\a2-alex\W.A.K\server\node_modules\express\lib\router\route.js:114:3)
at Layer.handle [as handle_request] (C:\Users\lucae\OneDrive - The University of Auckland\Desktop\UOA\2023\SOFTENG310\a2-alex\W.A.K\server\node_modules\express\lib\router\layer.js:95:5)
at C:\Users\lucae\OneDrive - The University of Auckland\Desktop\UOA\2023\SOFTENG310\a2-alex\W.A.K\server\node_modules\express\lib\router\index.js:284:15
at param (C:\Users\lucae\OneDrive - The University of Auckland\Desktop\UOA\2023\SOFTENG310\a2-alex\W.A.K\server\node_modules\express\lib\router\index.js:365:14)
at param (C:\Users\lucae\OneDrive - The University of Auckland\Desktop\UOA\2023\SOFTENG310\a2-alex\W.A.K\server\node_modules\express\lib\router\index.js:376:14)
at Function.process_params (C:\Users\lucae\OneDrive - The University of Auckland\Desktop\UOA\2023\SOFTENG310\a2-alex\W.A.K\server\node_modules\express\lib\router\index.js:421:3)
JsonWebTokenError: jwt malformed
at module.exports [as verify] (C:\Users\lucae\OneDrive - The University of Auckland\Desktop\UOA\2023\SOFTENG310\a2-alex\W.A.K\server\node_modules\jsonwebtoken\verify.js:70:17)
at requireAuth (C:\Users\lucae\OneDrive - The University of Auckland\Desktop\UOA\2023\SOFTENG310\a2-alex\W.A.K\server\src\middleware\requireAuth.js:14:27)
at Layer.handle [as handle_request] (C:\Users\lucae\OneDrive - The University of Auckland\Desktop\UOA\2023\SOFTENG310\a2-alex\W.A.K\server\node_modules\express\lib\router\layer.js:95:5)
at next (C:\Users\lucae\OneDrive - The University of Auckland\Desktop\UOA\2023\SOFTENG310\a2-alex\W.A.K\server\node_modules\express\lib\router\route.js:144:13)
at Route.dispatch (C:\Users\lucae\OneDrive - The University of Auckland\Desktop\UOA\2023\SOFTENG310\a2-alex\W.A.K\server\node_modules\express\lib\router\route.js:114:3)
at Layer.handle [as handle_request] (C:\Users\lucae\OneDrive - The University of Auckland\Desktop\UOA\2023\SOFTENG310\a2-alex\W.A.K\server\node_modules\express\lib\router\layer.js:95:5)
at C:\Users\lucae\OneDrive - The University of Auckland\Desktop\UOA\2023\SOFTENG310\a2-alex\W.A.K\server\node_modules\express\lib\router\index.js:284:15
at param (C:\Users\lucae\OneDrive - The University of Auckland\Desktop\UOA\2023\SOFTENG310\a2-alex\W.A.K\server\node_modules\express\lib\router\index.js:365:14)
at param (C:\Users\lucae\OneDrive - The University of Auckland\Desktop\UOA\2023\SOFTENG310\a2-alex\W.A.K\server\node_modules\express\lib\router\index.js:376:14)
at Function.process_params (C:\Users\lucae\OneDrive - The University of Auckland\Desktop\UOA\2023\SOFTENG310\a2-alex\W.A.K\server\node_modules\express\lib\router\index.js:421:3)
Describe the bug You are able to login using made up credentials. No error message is shown to the user if the user they are trying to login as does not exist.
Test cases N/A - Identified when reviewing PR #64
When running the forked repo from PR #64 I discovered this bug:
Originally posted by @leas022 in https://github.com/SE310-1/W.A.K/issues/64#issuecomment-1735217940
To Reproduce Login using fake credentials (a user that does not actually exist).
Expected behaviour I would expect an error message to be displayed and the user to not be redirected to a logged in view.
Stack Traces Shown above.
Error Reports Shown above.
Screenshots View when logged in as a fake user.
Device the bug was found on (please complete the following information):
Additional context N/A