FTP login error - Githubissues

silexlabs / unifile

Unified access to cloud storage services through a simple web API.

https://silexlabs.github.io/unifile/

MIT License

144 stars 32 forks source link

FTP login error #95

Closed lexoyo closed 7 years ago

lexoyo commented 7 years ago

When there is an authentication error, the FTP service logs something like this in the console ERROR { Error: Login authentication failed and returns this in the response: screenshot from 2017-09-22 12-18-46

1- Do you think we should display an error page, or is the JSON on purpose? 2- Maybe also more data about why it failed? 3- There is the login and password in the URL of the callback in GET, do you think we could make it more secure? (POST at least or in the session)

JbIPS commented 7 years ago

Do you think we should display an error page, or is the JSON on purpose?

I think the app should display an "Invalid user/password" type error

There is the login and password in the URL of the callback in GET, do you think we could make it more secure? (POST at least or in the session)

That's bad... It sure would be better to not have this plain in the open. I'll try to figure something out

lexoyo commented 7 years ago

I think the app should display an "Invalid user/password" type error

oh you mean the app calling unifile yes of course, that's good so you think of a mechanism to retrieve the error in the callback?

JbIPS commented 7 years ago

About the credentials in the URL, it's actually not from Unifile. If you used my sample server, it says here to send the data with GET (I shouldn't be doing that). By all means, use POST!

To retrieve the error, just add .catch() to the login method. You can look at the tests to get examples 😉