From 0a574eeefa5e5d27759eaef879d3efac5173d487 Mon Sep 17 00:00:00 2001 From: Luke Faraone Date: Fri, 10 Jan 2014 17:53:11 -0500 Subject: [PATCH] Return machine-readable error codes along with 403 responses. (imported from commit f60e9fa587a41d643cb817cae3ef06938a59f68c) --- zerver/views/__init__.py | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/zerver/views/__init__.py b/zerver/views/__init__.py index a6c45899cb..aeba468bd2 100644 --- a/zerver/views/__init__.py +++ b/zerver/views/__init__.py @@ -1494,10 +1494,10 @@ def api_fetch_api_key(request, username=REQ, password=REQ): if user_profile is None: if return_data.get("valid_attestation") == True: # We can leak that the user is unregistered iff they present a valid authentication string for the user. - return json_error("This user is not registered; do so from a browser.", status=403) - return json_error("Your username or password is incorrect.", status=403) + return json_error("This user is not registered; do so from a browser.", data={"reason": "unregistered"}, status=403) + return json_error("Your username or password is incorrect.", data={"reason": "incorrect_creds"}, status=403) if not user_profile.is_active: - return json_error("Your account has been disabled.", status=403) + return json_error("Your account has been disabled.", data={"reason": "disabled"}, status=403) return json_success({"api_key": user_profile.api_key}) @authenticated_json_post_view