on login display invalid-login-credentials

2025-11-02 12:05:57 +01:00 · 2017-04-24 13:31:38 -04:00
parent 4900f21dd5
commit c45c4a5fdb
3 changed files with 11 additions and 14 deletions
--- a/public/language/en-GB/error.json
+++ b/public/language/en-GB/error.json
@@ -15,6 +15,7 @@
 	"invalid-title": "Invalid title",
 	"invalid-user-data": "Invalid User Data",
 	"invalid-password": "Invalid Password",
+	"invalid-login-credentials": "Invalid login credentials",
 	"invalid-username-or-password": "Please specify both a username and password",
 	"invalid-search-term": "Invalid search term",
 	"csrf-invalid": "We were unable to log you in, likely due to an expired session. Please try again",
--- a/src/controllers/authentication.js
+++ b/src/controllers/authentication.js
@@ -16,7 +16,7 @@ var Password = require('../password');

 var sockets = require('../socket.io');

-var authenticationController = {};
+var authenticationController = module.exports;

 authenticationController.register = function (req, res) {
 	var registrationType = meta.config.registrationType || 'normal';
@@ -357,13 +357,8 @@ authenticationController.localLogin = function (req, username, password, next) {
 			user.getUidByUserslug(userslug, next);
 		},
 		function (_uid, next) {
-			if (!_uid) {
-				return next(new Error('[[error:no-user]]'));
-			}
 			uid = _uid;
-			user.auth.logAttempt(uid, req.ip, next);
-		},
-		function (next) {
+
 			async.parallel({
 				userData: function (next) {
 					db.getObjectFields('user:' + uid, ['password', 'passwordExpiry'], next);
@@ -384,9 +379,7 @@ authenticationController.localLogin = function (req, username, password, next) {
 			if (!result.isAdmin && parseInt(meta.config.allowLocalLogin, 10) === 0) {
 				return next(new Error('[[error:local-login-disabled]]'));
 			}
-			if (!userData || !userData.password) {
-				return next(new Error('[[error:invalid-user-data]]'));
-			}
+
 			if (result.banned) {
 				// Retrieve ban reason and show error
 				return user.getLatestBanInfo(uid, function (err, banInfo) {
@@ -404,11 +397,14 @@ authenticationController.localLogin = function (req, username, password, next) {
 				});
 			}

+			user.auth.logAttempt(uid, req.ip, next);
+		},
+		function (next) {
 			Password.compare(password, userData.password, next);
 		},
 		function (passwordMatch, next) {
 			if (!passwordMatch) {
-				return next(new Error('[[error:invalid-password]]'));
+				return next(new Error('[[error:invalid-login-credentials]]'));
 			}
 			user.auth.clearLoginAttempts(uid);
 			next(null, userData, '[[success:authentication-successful]]');
@@ -441,6 +437,3 @@ authenticationController.logout = function (req, res, next) {
 		res.status(200).send('');
 	}
 };
-
-
-module.exports = authenticationController;
--- a/src/user/auth.js
+++ b/src/user/auth.js
@@ -11,6 +11,9 @@ module.exports = function (User) {
 	User.auth = {};

 	User.auth.logAttempt = function (uid, ip, callback) {
+		if (!parseInt(uid, 10)) {
+			return setImmediate(callback);
+		}
 		async.waterfall([
 			function (next) {
 				db.exists('lockout:' + uid, next);