Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Authentication error messages from PAS Plugins aren't returned by the restapi #1761

Open
djay opened this issue Mar 8, 2024 · 1 comment
Open

Authentication error messages from PAS Plugins aren't returned by the restapi #1761

djay opened this issue Mar 8, 2024 · 1 comment
Labels
01 type: bug

Comments

@djay
Copy link
Member

djay commented Mar 8, 2024
edited

All errors result in the same generic error message which can be misleading

plone.restapi/src/plone/restapi/services/auth/login.py

Line 64 in b93e410

return dict(

The method used by most PAS Plugins is the status message. Either for information purposes or errors about why the login was not successful. The status messages should be passed via the api so the client can display them

An example of a plugin is

https://github.com/collective/Products.LoginLockout/blob/506ff80b8066e0c26acc3e9cb7c05a76e4b96787/Products/LoginLockout/plugin.py#L232
@djay
Copy link
Member Author

djay commented Apr 30, 2024

The message is passed as a cookie but this might not be the preferred method. Either Volto needs to read the cookies or the restapi should convert the cookies to header or json response.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
01 type: bug
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@djay