Prevent logging passwords in failed login attempts
This commit is contained in:
parent
1c1e8df704
commit
d14c4ce671
@ -2,6 +2,8 @@
|
|||||||
* User data access
|
* User data access
|
||||||
*
|
*
|
||||||
*/
|
*/
|
||||||
|
import { errors } from 'pg-promise';
|
||||||
|
|
||||||
import db from '../../db';
|
import db from '../../db';
|
||||||
|
|
||||||
function createUser(user) {
|
function createUser(user) {
|
||||||
@ -64,8 +66,12 @@ function authUser(username, password) {
|
|||||||
return { error: 'Username or password not recognised' }
|
return { error: 'Username or password not recognised' }
|
||||||
}
|
}
|
||||||
}).catch(function (err) {
|
}).catch(function (err) {
|
||||||
console.error(err);
|
if (err instanceof errors.QueryResultError) {
|
||||||
return { error: 'Username or password not recognised' };
|
console.error(`Authentication failed for user ${username}`);
|
||||||
|
return { error: 'Username or password not recognised' };
|
||||||
|
}
|
||||||
|
console.error('Error:', err);
|
||||||
|
return { error: 'Database error' };
|
||||||
})
|
})
|
||||||
}
|
}
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user