From 3e0e1893cb5d73103418448b588c731f34d0b390 Mon Sep 17 00:00:00 2001
From: Kizito Akhilome <hovkard@gmail.com>
Date: Tue, 9 Oct 2018 22:33:51 +0100
Subject: [PATCH] fix(invalid-email): make error message ambiguous

[Fixes #161101925]
---
 server/controllers/authController.js | 4 ++--
 tests/routes/auth.spec.js            | 2 ++
 2 files changed, 4 insertions(+), 2 deletions(-)

diff --git a/server/controllers/authController.js b/server/controllers/authController.js
index 3455b7e..356a4c5 100644
--- a/server/controllers/authController.js
+++ b/server/controllers/authController.js
@@ -38,7 +38,7 @@ class AuthController {
       if (!userExists) {
         return res.status(400).json({
           status: 'error',
-          message: 'no user with that email exists',
+          message: 'invalid email or password provided',
         });
       }
 
@@ -48,7 +48,7 @@ class AuthController {
       if (!correctPassword) {
         return res.status(400).json({
           status: 'error',
-          message: 'incorrect password',
+          message: 'invalid email or password provided',
         });
       }
 
diff --git a/tests/routes/auth.spec.js b/tests/routes/auth.spec.js
index e8633d1..2695c82 100644
--- a/tests/routes/auth.spec.js
+++ b/tests/routes/auth.spec.js
@@ -149,6 +149,7 @@ describe('POST /auth/login', () => {
 
         res.status.should.eql(400);
         res.body.should.not.have.keys(['auth_token']);
+        res.body.message.should.eql('invalid email or password provided');
         done();
       });
   });
@@ -162,6 +163,7 @@ describe('POST /auth/login', () => {
 
         res.status.should.eql(400);
         res.body.should.not.have.keys(['auth_token']);
+        res.body.message.should.eql('invalid email or password provided');
         done();
       });
   });