Fix inconsistent status codes
Two exceptions were handled differently by the API layer (which let the
exception handlers determine the status code) and the middleware used by
the frontends (which used the "code" that was set when throwing the
exceptions).

When extracting the logic, I mostly used the exception codes, which
now changed the behavior of the API, e.g. when raising a "permission
denied" error when incorrect login credentials were entered.

The other case was the CSRF token mismatch - the frontend used the 419
status code (inspired by Laravel, I suppose), whereas the API (which was
covered by tests) used HTTP 400.
franzliedke committed Aug 10, 2019
1 parent d06493c commit 281a3fe
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion src/Foundation/ErrorServiceProvider.php
Expand Up @@ -31,11 +31,11 @@ public function register()

// 401 Unauthorized
'invalid_access_token' => 401,
'permission_denied' => 401,

// 403 Forbidden
'forbidden' => 403,
'invalid_confirmation_token' => 403,
'permission_denied' => 403,

// 404 Not Found
'model_not_found' => 404,
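
Review bot: The single `permission_denied` key in this status map covers two different situations, and whichever section it ends up in, one of them gets a misleading code. The commit message names incorrect login credentials as the case that regressed, which is an authentication failure (401), while the same type presumably also signals an authenticated user lacking rights (403). A separate error type for the not-authenticated case would let clients tell the two apart. As rendered here the key appears under both the 401 and the 403 block with the +/- markers lost; only one entry should remain, since a duplicate key in a PHP array literal silently keeps the last value. The message also describes the CSRF token mismatch (419 in the frontend, 400 in the API), but no entry for it is visible in this hunk and the file shows only 1 addition and 1 deletion, so it is worth stating where that case is settled. A regression test asserting the API status for a login with wrong credentials would keep the API layer and the frontend middleware from drifting apart again.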