Don't differentiate between invalid and not existing Signature/Creden…

…tial ID See #12
Qup42 · Apr 29, 2022 · 810c873 · 810c873
1 parent 10411fd
commit 810c873
Showing 1 changed file with 1 addition and 2 deletions.
diff --git a/aletheia/auth_backends.py b/aletheia/auth_backends.py
@@ -35,7 +35,7 @@ def authenticate(self, request, credential_id: str, data: str = None):
 
         credential = AuthData.objects.filter(credential_id=credential_id).first()
         if not credential:
-            messages.error(request, f"This credential_id is not registered.", fail_silently=True)
+            messages.error(request, f"Authentication failed", fail_silently=True)
             return None
 
         try:
@@ -49,7 +49,6 @@ def authenticate(self, request, credential_id: str, data: str = None):
                 credential_public_key=base64decode(credential.public_key)
             )
         except InvalidAuthenticationResponse:
-            # TODO: give concrete feedback about why the authentication failed?
             messages.error(request, f"Authentication failed", fail_silently=True)
             return None