Explicitly set each non-200 status on each response

This commit is contained in:
Jonathan Barrow 2023-04-29 17:50:56 -04:00
parent 43432902c4
commit 20ddbe7552
No known key found for this signature in database
GPG Key ID: E86E9FE9049C741F
6 changed files with 19 additions and 50 deletions

View File

@ -27,10 +27,8 @@ async function PNIDMiddleware(request: express.Request, response: express.Respon
}
if (!pnid) {
response.status(401);
if (type === 'Bearer') {
response.send(xmlbuilder.create({
response.status(401).send(xmlbuilder.create({
errors: {
error: {
cause: 'access_token',
@ -43,7 +41,7 @@ async function PNIDMiddleware(request: express.Request, response: express.Respon
return;
}
response.send(xmlbuilder.create({
response.status(401).send(xmlbuilder.create({
errors: {
error: {
code: '1105',

View File

@ -34,10 +34,8 @@ function XMLMiddleware(request: express.Request, response: express.Response, nex
request.body = request.body.toObject();
request.body = mapToObject(request.body);
} catch (error) {
response.status(401);
// TODO: This is not a real error code, check to see if better one exists
return response.send(xmlbuilder.create({
return response.status(401).send(xmlbuilder.create({
errors: {
error: {
code: '0004',

View File

@ -86,8 +86,7 @@ app.use((error: any, request: express.Request, response: express.Response, _next
LOG_WARN(`HTTP ${status} at ${url} from ${deviceId}: ${error.message}`);
response.status(status);
response.json({
response.status(status).json({
app: 'api',
status,
error: error.message

View File

@ -20,8 +20,7 @@ router.post('/access_token/generate', async (request: express.Request, response:
const password: string = request.body?.password;
if (!['password', 'refresh_token'].includes(grantType)) {
response.status(400);
response.send(xmlbuilder.create({
response.status(400).send(xmlbuilder.create({
error: {
cause: 'grant_type',
code: '0004',
@ -33,8 +32,7 @@ router.post('/access_token/generate', async (request: express.Request, response:
}
if (!username || username.trim() === '') {
response.status(400);
response.send(xmlbuilder.create({
response.status(400).send(xmlbuilder.create({
error: {
cause: 'user_id',
code: '0002',
@ -46,8 +44,7 @@ router.post('/access_token/generate', async (request: express.Request, response:
}
if (!password || password.trim() === '') {
response.status(400);
response.send(xmlbuilder.create({
response.status(400).send(xmlbuilder.create({
error: {
cause: 'password',
code: '0002',
@ -61,8 +58,7 @@ router.post('/access_token/generate', async (request: express.Request, response:
const pnid: HydratedPNIDDocument | null = await getPNIDByUsername(username);
if (!pnid || !await bcrypt.compare(password, pnid.password)) {
response.status(400);
response.send(xmlbuilder.create({
response.status(400).send(xmlbuilder.create({
error: {
code: '0106',
message: 'Invalid account ID or password'

View File

@ -34,9 +34,7 @@ router.get('/:username', async (request: express.Request, response: express.Resp
const userExists: boolean = await doesPNIDExist(username);
if (userExists) {
response.status(400);
response.send(xmlbuilder.create({
response.status(400).send(xmlbuilder.create({
errors: {
error: {
code: '0100',
@ -60,9 +58,7 @@ router.get('/:username', async (request: express.Request, response: express.Resp
router.post('/', ratelimit, deviceCertificateMiddleware, async (request: express.Request, response: express.Response): Promise<void> => {
if (!request.certificate || !request.certificate.valid) {
// TODO: Change this to a different error
response.status(400);
response.send(xmlbuilder.create({
response.status(400).send(xmlbuilder.create({
error: {
cause: 'Bad Request',
code: '1600',
@ -78,9 +74,7 @@ router.post('/', ratelimit, deviceCertificateMiddleware, async (request: express
const userExists: boolean = await doesPNIDExist(person.user_id);
if (userExists) {
response.status(400);
response.send(xmlbuilder.create({
response.status(400).send(xmlbuilder.create({
errors: {
error: {
code: '0100',
@ -194,9 +188,7 @@ router.post('/', ratelimit, deviceCertificateMiddleware, async (request: express
await session.abortTransaction();
response.status(400);
response.send(xmlbuilder.create({
response.status(400).send(xmlbuilder.create({
error: {
cause: 'Bad Request',
code: '1600',
@ -510,9 +502,7 @@ router.put('/@me/devices/@current/inactivate', async (request: express.Request,
const pnid: HydratedPNIDDocument | null = request.pnid;
if (!pnid) {
response.status(400);
response.send(xmlbuilder.create({
response.status(400).send(xmlbuilder.create({
errors: {
error: {
cause: 'access_token',
@ -538,9 +528,7 @@ router.put('/@me/deletion', async (request: express.Request, response: express.R
const pnid: HydratedPNIDDocument | null = request.pnid;
if (!pnid) {
response.status(400);
response.send(xmlbuilder.create({
response.status(400).send(xmlbuilder.create({
errors: {
error: {
cause: 'access_token',
@ -569,9 +557,7 @@ router.put('/@me', async (request: express.Request, response: express.Response):
const person: Person = request.body.person;
if (!pnid) {
response.status(400);
response.send(xmlbuilder.create({
response.status(400).send(xmlbuilder.create({
errors: {
error: {
cause: 'access_token',
@ -635,9 +621,7 @@ router.get('/@me/emails', async (request: express.Request, response: express.Res
const pnid: HydratedPNIDDocument | null = request.pnid;
if (!pnid) {
response.status(400);
response.send(xmlbuilder.create({
response.status(400).send(xmlbuilder.create({
errors: {
error: {
cause: 'access_token',
@ -682,9 +666,7 @@ router.put('/@me/emails/@primary', async (request: express.Request, response: ex
} = request.body.email;
if (!pnid || !email || !email.address) {
response.status(400);
response.send(xmlbuilder.create({
response.status(400).send(xmlbuilder.create({
errors: {
error: {
cause: 'access_token',

View File

@ -19,9 +19,7 @@ router.get('/service_token/@me', async (request: express.Request, response: expr
const pnid: HydratedPNIDDocument | null = request.pnid;
if (!pnid) {
response.status(400);
response.send(xmlbuilder.create({
response.status(400).send(xmlbuilder.create({
errors: {
error: {
cause: 'access_token',
@ -111,9 +109,7 @@ router.get('/nex_token/@me', async (request: express.Request, response: express.
const pnid: HydratedPNIDDocument | null = request.pnid;
if (!pnid) {
response.status(400);
response.send(xmlbuilder.create({
response.status(400).send(xmlbuilder.create({
errors: {
error: {
cause: 'access_token',