back round 0 view raw

fix(auth): handle bad identity lookups #20

merged
opened by brookjeynes.dev targeting master from push-trrpxxyxxmot
options
unified split
Changed files
+7 -2
internal
server
handlers
login.go
+7 -2
internal/server/handlers/login.go 
···

       
55

       
55

       
 

       



     

       
56

       
56

       
 

       
		// Basic handle validation


     

       
57

       
57

       
 

       
		if !strings.Contains(handle, ".") {


     

       
58

       

       
-

       
			l.Error("invalid handle format", "err", handle)


     

       

       
58

       
+

       
			l.Error("invalid handle format", "handle", handle)


     

       
59

       
59

       
 

       
			htmx.HxError(w, http.StatusBadGateway, fmt.Sprintf("'%s' is an invalid handle. Did you mean %s.bsky.social?", handle, handle))


     

       
60

       
60

       
 

       
			return


     

       
61

       
61

       
 

       
		}


     

       
62

       
62

       
 

       



     

       
63

       
63

       
 

       
		resolved, err := h.IdResolver.ResolveIdent(context.Background(), handle)


     

       
64

       

       
-

       
		if err == nil {


     

       

       
64

       
+

       
		if err != nil {


     

       

       
65

       
+

       
			l.Error("failed to resolve handle", "handle", handle, "err", err)


     

       

       
66

       
+

       
			htmx.HxError(w, http.StatusBadGateway, fmt.Sprintf("'%s' is an invalid handle", handle))


     

       

       
67

       
+

       
			return


     

       

       
68

       
+

       
		} else {


     

       
65

       
69

       
 

       
			if !h.Config.Core.Dev && resolved.DID.String() != "" {


     

       
66

       
70

       
 

       
				err := h.Posthog.Enqueue(posthog.Capture{


     

       
67

       
71

       
 

       
					DistinctId: string(resolved.DID),


     
···

       
75

       
79

       
 

       



     

       
76

       
80

       
 

       
		redirectURL, err := h.Oauth.ClientApp.StartAuthFlow(r.Context(), handle)


     

       
77

       
81

       
 

       
		if err != nil {


     

       

       
82

       
+

       
			l.Error("failed to resolve auth flow", "handle", handle, "err", err)


     

       
78

       
83

       
 

       
			http.Error(w, err.Error(), http.StatusInternalServerError)


     

       
79

       
84

       
 

       
			return


     

       
80

       
85

       
 

       
		}