refactor: error message

Do not expose any auth details with which hackers may guess what's behind
crazyoptimist · Jun 16, 2024 · 8c166e3 · 8c166e3
1 parent 95ca05e
commit 8c166e3
Show file tree

Hide file tree

Showing 2 changed files with 2 additions and 10 deletions.
diff --git a/internal/domain/auth/service.go b/internal/domain/auth/service.go
@@ -2,7 +2,6 @@ package auth
 
 import (
 	"errors"
-	"fmt"
 	"strconv"
 
 	"gin-starter/internal/domain/model"
@@ -15,8 +14,6 @@ type AuthHelper interface {
 	IsTokenBlacklisted(token string) (bool, error)
 }
 
-var ErrTokenBlacklisted = fmt.Errorf("Refresh token is blacklisted")
-
 type AuthService struct {
 	UserRepository user.UserRepository
 	AuthHelper     AuthHelper
@@ -108,7 +105,7 @@ func (s *AuthService) Refresh(logoutDto *LogoutDto) (*LoginResponse, error) {
 	}
 
 	if isTokenBlacklisted {
-		return nil, ErrTokenBlacklisted
+		return nil, errors.New("Invalid refresh token")
 	}
 
 	err = s.AuthHelper.BlacklistToken(logoutDto.RefreshToken)

diff --git a/internal/infrastructure/controller/auth_controller.go b/internal/infrastructure/controller/auth_controller.go
@@ -1,7 +1,6 @@
 package controller
 
 import (
-	"errors"
 	"net/http"
 
 	"github.com/gin-gonic/gin"
@@ -116,11 +115,7 @@ func (a *authController) Refresh(c *gin.Context) {
 
 	refreshResponse, err := a.AuthService.Refresh(&refreshDto)
 	if err != nil {
-		if errors.Is(err, auth.ErrTokenBlacklisted) {
-			common.RaiseHttpError(c, http.StatusUnauthorized, err)
-			return
-		}
-		common.RaiseHttpError(c, http.StatusInternalServerError, err)
+		common.RaiseHttpError(c, http.StatusUnauthorized, err)
 		return
 	}