Fix: Handle errors and abort on temp auth failure

Added an error handler for unknown causes in `hydra.go` to ensure consistent error handling. In `http.go`, introduced logic to manage temporary authentication failures, calling specific functions and aborting the context to prevent further processing. Signed-off-by: Christian Roessner <c@roessner.co>
croessner · Oct 21, 2024 · ab7c23b · ab7c23b
1 parent 9f520c0
commit ab7c23b
Show file tree

Hide file tree

Showing 2 changed files with 6 additions and 0 deletions.
diff --git a/server/core/http.go b/server/core/http.go
@@ -336,6 +336,11 @@ func protectEndpointMiddleware() gin.HandlerFunc {
 		case global.AuthResultOK:
 		case global.AuthResultFail:
 		case global.AuthResultTempFail:
+			auth.postLuaAction(&PassDBResult{})
+			auth.authTempFail(ctx, global.TempFailDefault)
+			ctx.Abort()
+
+			return
 		case global.AuthResultEmptyUsername:
 		case global.AuthResultEmptyPassword:
 		}

diff --git a/server/core/hydra.go b/server/core/hydra.go
@@ -1715,6 +1715,7 @@ func loginPOSTHandler(ctx *gin.Context) {
 
 		apiConfig.logFailedLoginAndRedirect(auth)
 	default:
+		handleErr(ctx, errors.ErrUnknownCause)
 		ctx.AbortWithStatus(http.StatusInternalServerError)
 
 		return