Graceful failure for invalid auth

* Rather than just a 404 page... redirect to login page and denote with QSP when data present * Some compliance with STYLEGUIDE.md max line length Applies to OpenUserJS#1369 and OpenUserJS#37
Martii · May 22, 2018 · 4fad917 · 4fad917
1 parent ca90341
commit 4fad917
Show file tree

Hide file tree

Showing 2 changed files with 6 additions and 2 deletions.
diff --git a/controllers/auth.js b/controllers/auth.js
@@ -77,8 +77,9 @@ exports.auth = function (aReq, aRes, aNext) {
     var authenticate = null;
 
     // Just in case someone tries a bad /auth/* url
+    // or an auth has been EOL'd
     if (!strategyInstances[strategy]) {
-      aNext();
+      aRes.redirect('/login?invalidauth');
       return;
     }
 

diff --git a/controllers/user.js b/controllers/user.js
@@ -890,7 +890,10 @@ exports.userEditPreferencesPage = function (aReq, aRes, aNext) {
           return aStrategy.display;
         });
 
-        options.defaultStrategy = strategies[defaultStrategy] ? strategies[defaultStrategy].name : null;
+        options.defaultStrategy = strategies[defaultStrategy]
+          ? strategies[defaultStrategy].name
+          : null;
+
         options.defaultStrat = defaultStrategy;
         options.haveOtherStrategies = options.usedStrategies.length > 0;