Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Two exceptions were handled differently by the API layer (which let the exception handlers determine the status code) and the middleware used by the frontends (which used the "code" that was set when throwing the exceptions). When extracting the logic, I mostly used the exception codes, which now changed the behavior of the API, e.g. when raising a "permission denied" error when incorrect login credentials were entered. The other case was the CSRF token mismatch - the frontend used the 419 status code (inspired by Laravel, I suppose), whereas the API (which was covered by tests) used HTTP 400.
- Loading branch information