chore: Rename env variable, refactoring

2025-08-04 21:15:25 +02:00 · 2024-08-30 11:39:56 +02:00 · 2024-08-30 11:39:56 +02:00 · 58319728fa
commit 58319728fa
parent 4b6e52a9c6
6 changed files with 25 additions and 26 deletions
--- a/server/.env.sample
+++ b/server/.env.sample
@ -22,7 +22,7 @@ SECRET_KEY=notsecretkey
 # DEFAULT_ADMIN_NAME=Demo Demo
 # DEFAULT_ADMIN_USERNAME=demo

-# ENABLE_VERBOSE_ON_LOGIN=false # Set to true will show more verbose error messages on login. Should not be disabled without a rate limiter for security reasons.
+# SHOW_DETAILED_AUTH_ERRORS=false # Set to true to show more detailed authentication error messages. It should not be enabled without a rate limiter for security reasons.

 # ALLOW_ALL_TO_CREATE_PROJECTS=true

--- a/server/api/controllers/access-tokens/create.js
+++ b/server/api/controllers/access-tokens/create.js
@ -4,15 +4,15 @@ const validator = require('validator');
 const { getRemoteAddress } = require('../../../utils/remoteAddress');

 const Errors = {
+  INVALID_CREDENTIALS: {
+    invalidCredentials: 'Invalid credentials',
+  },
  INVALID_EMAIL_OR_USERNAME: {
    invalidEmailOrUsername: 'Invalid email or username',
  },
  INVALID_PASSWORD: {
    invalidPassword: 'Invalid password',
  },
-  INVALID_CREDENTIALS: {
-    invalidCredentials: 'Invalid credentials',
-  },
  USE_SINGLE_SIGN_ON: {
    useSingleSignOn: 'Use single sign-on',
  },
@ -37,15 +37,15 @@ module.exports = {
  },

  exits: {
+    invalidCredentials: {
+      responseType: 'unauthorized',
+    },
    invalidEmailOrUsername: {
      responseType: 'unauthorized',
    },
    invalidPassword: {
      responseType: 'unauthorized',
    },
-    invalidCredentials: {
-      responseType: 'unauthorized',
-    },
    useSingleSignOn: {
      responseType: 'forbidden',
    },
@ -63,10 +63,10 @@ module.exports = {
      sails.log.warn(
        `Invalid email or username: "${inputs.emailOrUsername}"! (IP: ${remoteAddress})`,
      );
-      if (!sails.config.custom.enableVerboseOnLogin) {
-        throw Errors.INVALID_CREDENTIALS;
-      }
-      throw Errors.INVALID_EMAIL_OR_USERNAME;
+
+      throw sails.config.custom.showDetailedAuthErrors
+        ? Errors.INVALID_EMAIL_OR_USERNAME
+        : Errors.INVALID_CREDENTIALS;
    }

    if (user.isSso) {
@ -75,10 +75,10 @@ module.exports = {

    if (!bcrypt.compareSync(inputs.password, user.password)) {
      sails.log.warn(`Invalid password! (IP: ${remoteAddress})`);
-      if (!sails.config.custom.enableVerboseOnLogin) {
-        throw Errors.INVALID_CREDENTIALS;
-      }
-      throw Errors.INVALID_PASSWORD;
+
+      throw sails.config.custom.showDetailedAuthErrors
+        ? Errors.INVALID_PASSWORD
+        : Errors.INVALID_CREDENTIALS;
    }

    const accessToken = sails.helpers.utils.createToken(user.id);
--- a/server/config/custom.js
+++ b/server/config/custom.js
@ -34,9 +34,9 @@ module.exports.custom = {
  defaultAdminEmail:
    process.env.DEFAULT_ADMIN_EMAIL && process.env.DEFAULT_ADMIN_EMAIL.toLowerCase(),

-  allowAllToCreateProjects: process.env.ALLOW_ALL_TO_CREATE_PROJECTS === 'true',
+  showDetailedAuthErrors: process.env.SHOW_DETAILED_AUTH_ERRORS === 'true',

-  enableVerboseOnLogin: process.env.ENABLE_VERBOSE_ON_LOGIN ? process.env.ENABLE_VERBOSE_ON_LOGIN === 'true' : false,
+  allowAllToCreateProjects: process.env.ALLOW_ALL_TO_CREATE_PROJECTS === 'true',

  oidcIssuer: process.env.OIDC_ISSUER,
  oidcClientId: process.env.OIDC_CLIENT_ID,