From 4db44e0b59b16a19bc294b17bb9f7d37349cca26 Mon Sep 17 00:00:00 2001
From: Mashy <himesh.kapadia@gmail.com>
Date: Sat, 20 Jul 2019 11:15:47 +1000
Subject: [PATCH] great victory

---
 server/src/account.rs |  6 +++---
 server/src/net.rs     | 27 +++++++++++++++++++--------
 2 files changed, 22 insertions(+), 11 deletions(-)

diff --git a/server/src/account.rs b/server/src/account.rs
index 3f2358af..402b62b6 100644
--- a/server/src/account.rs
+++ b/server/src/account.rs
@@ -76,7 +76,7 @@ pub fn from_token(db: &Db, token: String) -> Result<Account, Error> {
     Ok(Account { id, name, balance, subscribed })
 }
 
-pub fn login(tx: &mut Transaction, name: &String, password: &String) -> Result<Account, Error> {
+pub fn login(tx: &mut Transaction, name: &String, password: &String) -> Result<Account, MnmlHttpError> {
     let query = "
         SELECT id, password, name, balance, subscribed
         FROM accounts
@@ -97,7 +97,7 @@ pub fn login(tx: &mut Transaction, name: &String, password: &String) -> Result<A
 
             // verify garbage to prevent timing attacks
             verify(garbage.clone(), &garbage).ok();
-            return Err(err_msg("account not found"));
+            return Err(MnmlHttpError::AccountNameNotFound);
         },
     };
 
@@ -108,7 +108,7 @@ pub fn login(tx: &mut Transaction, name: &String, password: &String) -> Result<A
     let subscribed: bool = row.get(4);
 
     if !verify(password, &hash)? {
-        return Err(err_msg("password does not match"));
+        return Err(MnmlHttpError::PasswordNotMatch);
     }
 
     let balance = u32::try_from(db_balance)
diff --git a/server/src/net.rs b/server/src/net.rs
index f030a896..98d08ed8 100644
--- a/server/src/net.rs
+++ b/server/src/net.rs
@@ -34,9 +34,15 @@ pub enum MnmlHttpError {
     #[fail(display="account name taken or invalid")]
     AccountNameNotProvided,
     #[fail(display="account name not provided")]
+    AccountNameNotFound,
+    #[fail(display="account name not found")]
     AccountNameTaken,
+    #[fail(display="incorrect password")]
+    PasswordNotMatch,
     #[fail(display="password unacceptable. must be > 11 characters")]
     PasswordUnacceptable,
+    #[fail(display="incorrect token. refresh or logout of existing sessions")]
+    TokenDoesNotMatch,
     #[fail(display="invalid code. https://discord.gg/YJJgurM")]
     InvalidCode,
 }
@@ -89,14 +95,19 @@ fn iron_response (status: status::Status, message: String) -> Response {
 impl From<MnmlHttpError> for IronError {
     fn from(m_err: MnmlHttpError) -> Self {
         let (err, res) = match m_err {
-            MnmlHttpError::ServerError => (m_err.compat(), status::InternalServerError),
+            MnmlHttpError::ServerError |
             MnmlHttpError::DbError => (m_err.compat(), status::InternalServerError),
-            MnmlHttpError::Unauthorized => (m_err.compat(), status::Unauthorized),
-            MnmlHttpError::BadRequest => (m_err.compat(), status::BadRequest),
-            MnmlHttpError::AccountNameNotProvided => (m_err.compat(), status::BadRequest),
-            MnmlHttpError::AccountNameTaken => (m_err.compat(), status::BadRequest),
+
+            MnmlHttpError::AccountNameNotProvided |
+            MnmlHttpError::AccountNameTaken |
+            MnmlHttpError::AccountNameNotFound |
+            MnmlHttpError::BadRequest |
             MnmlHttpError::PasswordUnacceptable => (m_err.compat(), status::BadRequest),
-            MnmlHttpError::InvalidCode => (m_err.compat(), status::Unauthorized),
+            
+            MnmlHttpError::PasswordNotMatch |
+            MnmlHttpError::InvalidCode |
+            MnmlHttpError::TokenDoesNotMatch |
+            MnmlHttpError::Unauthorized => (m_err.compat(), status::Unauthorized),
         };
         IronError { error: Box::new(err), response: iron_response(res, m_err.to_string()) }
     }
@@ -119,7 +130,7 @@ impl BeforeMiddleware for AuthMiddleware {
                     if cookie.name() == TOKEN_HEADER {
                         match account::from_token(&db, cookie.value().to_string()) {
                             Ok(a) => req.extensions.insert::<account::Account>(a),
-                            Err(_) => return Err(IronError::from(MnmlHttpError::Unauthorized)),
+                            Err(_) => return Err(IronError::from(MnmlHttpError::TokenDoesNotMatch)),
                         };
                     }
                 }
@@ -219,7 +230,7 @@ fn login(req: &mut Request) -> IronResult<Response> {
         },
         Err(e) => {
             warn!("{:?}", e);
-            Err(IronError::from(MnmlHttpError::Unauthorized))
+            Err(IronError::from(e))
         }
     }
 }