distantnative
commented
3 years ago The second error is fine but I think the first one shouldn't happen
Why not? Isn't the POST request you sent (with the invalid login details) a request that fails?
Closed GiantCrocodile closed 3 years ago
distantnative
commented
3 years ago The second error is fine but I think the first one shouldn't happen
Why not? Isn't the POST request you sent (with the invalid login details) a request that fails?
GiantCrocodile
commented
3 years ago According to my understanding the HTTP code 400 is used for invalid requests from clients where the request itself is malformed, e. g. missing parameters or invalid parameter values which are never valid for the given request/API. In this case a invalid password is still a valid request regarding its syntax and context. I think there is no other place where you get a HTTP error and a Kirby 3 error at the same time? If the intention was to signalize an invalid logon attempt, then a 403 or 401 might fit better, see https://stackoverflow.com/a/6937030 for further details.
distantnative
commented
3 years ago @bastianallgeier @lukasbestle I think 401 would be the fitting one then for this case. Agreed?
lukasbestle
commented
3 years ago I agree!
bastianallgeier
commented
3 years ago ✅
Describe the bug
You get two errors during a log-in attempt with invalid credentials in the browser console.
The second error is fine but I think the first one shouldn't happen or has a wrong error code.
To Reproduce
Steps to reproduce the behavior:
Expected behavior
Just one proper error message.
Kirby Version
3.4.3
Desktop (please complete the following information):
Win 10, latest Firefox, WAMP setup
Additional context