diff --git a/packages/backend-core/src/middleware/authenticated.ts b/packages/backend-core/src/middleware/authenticated.ts
index d7e6346b3f..0708581570 100644
--- a/packages/backend-core/src/middleware/authenticated.ts
+++ b/packages/backend-core/src/middleware/authenticated.ts
@@ -154,7 +154,8 @@ export default function (
return next()
}
} catch (err: any) {
- console.error("Auth Error", err?.message || err)
+ console.error(`Auth Error: ${err.message}`)
+ console.error(err)
// invalid token, clear the cookie
if (err && err.name === "JsonWebTokenError") {
clearCookie(ctx, Cookie.Auth)
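Review bot: The added `err.message` drops the optional chaining the removed line had, so a thrown `null` or `undefined` would raise a TypeError inside the catch before the cookie is cleared; the following `if (err && err.name === ...)` check already treats `err` as possibly falsy. I would write `console.error("Auth Error:", err?.message ?? err)` instead. The second added line, `console.error(err)`, logs the whole error object, so if any error reaching this catch carries token or request details they end up in the logs; a short comment stating what is expected to be logged here would help. The catch block and the enclosing function continue outside the hunk.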
diff --git a/packages/builder/src/pages/builder/portal/settings/auth/index.svelte b/packages/builder/src/pages/builder/portal/settings/auth/index.svelte
index af272b5d7c..0e82dd31e7 100644
--- a/packages/builder/src/pages/builder/portal/settings/auth/index.svelte
+++ b/packages/builder/src/pages/builder/portal/settings/auth/index.svelte
@@ -368,7 +368,7 @@
{#if !$licensing.enforceableSSO}
- Business plan
+ Enterprise plan
{/if}
diff --git a/packages/worker/src/api/controllers/global/auth.ts b/packages/worker/src/api/controllers/global/auth.ts
index 92cf014a48..362723abd9 100644
--- a/packages/worker/src/api/controllers/global/auth.ts
+++ b/packages/worker/src/api/controllers/global/auth.ts
@@ -62,7 +62,7 @@ export const login = async (ctx: Ctx, next: any) => {
const user = await userSdk.getUserByEmail(email)
if (user && (await userSdk.isPreventPasswordActions(user))) {
- ctx.throw(400, "Password login is disabled for this user")
+ ctx.throw(403, "Invalid credentials")
}
return passport.authenticate(
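Review bot: The new `ctx.throw(403, "Invalid credentials")` only hides the SSO-enforced state if it matches exactly what a failed password login returns, and that failure path (the `passport.authenticate` callback) lies outside this hunk, so it cannot be confirmed from here. If the status or message differs, the response still reveals which accounts have password login disabled. This branch also returns before any password comparison, so its response time may differ from a real failed login. I would add a comment such as `// same response as a wrong password, so SSO-only accounts cannot be enumerated`, and have the assertion in auth.spec.ts compare against an actual wrong-password response rather than a literal body.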
diff --git a/packages/worker/src/api/routes/global/tests/auth.spec.ts b/packages/worker/src/api/routes/global/tests/auth.spec.ts
index 9b5392fc73..6c133df652 100644
--- a/packages/worker/src/api/routes/global/tests/auth.spec.ts
+++ b/packages/worker/src/api/routes/global/tests/auth.spec.ts
@@ -106,12 +106,12 @@ describe("/api/global/auth", () => {
tenantId,
email,
password,
- { status: 400 }
+ { status: 403 }
)
expect(response.body).toEqual({
- message: "Password login is disabled for this user",
- status: 400,
+ message: "Invalid credentials",
+ status: 403,
})
}
@@ -170,18 +170,8 @@ describe("/api/global/auth", () => {
async function testSSOUser() {
const { res } = await config.api.auth.requestPasswordReset(
sendMailMock,
- user.email,
- { status: 400 }
+ user.email
)
-
- expect(res.body).toEqual({
- message: "Password reset is disabled for this user",
- status: 400,
- error: {
- code: "http",
- type: "generic",
- },
- })
expect(sendMailMock).not.toHaveBeenCalled()
}
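Review bot: After this change `testSSOUser` no longer asserts anything about the HTTP response; `res` is still destructured but unused, and only `sendMailMock` is checked. Since the purpose of the change appears to be that an SSO user gets the same reset response as any other user, the test should pin that, for example `expect(res.status).toBe(200)` plus a body comparison against the response for a non-SSO user. The default status that `requestPasswordReset` expects is not visible in this hunk, so confirm the helper actually enforces a success status when no override is passed.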
diff --git a/packages/worker/src/sdk/auth/auth.ts b/packages/worker/src/sdk/auth/auth.ts
index 8e9cff18dd..98830c576d 100644
--- a/packages/worker/src/sdk/auth/auth.ts
+++ b/packages/worker/src/sdk/auth/auth.ts
@@ -59,7 +59,7 @@ export const reset = async (email: string) => {
// exit if user has sso
if (await userSdk.isPreventPasswordActions(user)) {
- throw new HTTPError("Password reset is disabled for this user", 400)
+ return
}
// send password reset
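Review bot: The bare `return` makes the SSO case silent for operators as well as for the caller, and the existing comment `// exit if user has sso` does not say why no error is raised. I would expand it to `// exit silently if user has sso: the caller must not learn that password actions are disabled`, and consider a server-side log line so that repeated reset attempts against SSO accounts remain visible. The non-SSO path goes on to send mail, so the two cases may still differ in response time unless the send is not awaited; that part of `reset` is outside the hunk.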
diff --git a/packages/worker/src/tests/api/auth.ts b/packages/worker/src/tests/api/auth.ts
index bd0471ca74..552d4da505 100644
--- a/packages/worker/src/tests/api/auth.ts
+++ b/packages/worker/src/tests/api/auth.ts
@@ -61,11 +61,13 @@ export class AuthAPI extends TestAPI {
let code: string | undefined
if (res.status === 200) {
- const emailCall = sendMailMock.mock.calls[0][0]
- const parts = emailCall.html.split(
- `http://localhost:10000/builder/auth/reset?code=`
- )
- code = parts[1].split('"')[0].split("&")[0]
+ if (sendMailMock.mock.calls.length) {
+ const emailCall = sendMailMock.mock.calls[0][0]
+ const parts = emailCall.html.split(
+ `http://localhost:10000/builder/auth/reset?code=`
+ )
+ code = parts[1].split('"')[0].split("&")[0]
+ }
}
return { code, res }