change login failure status code

oops
2025-06-15 19:14:49 +02:00 · 2025-06-15 19:12:34 +02:00
2 changed files with 10 additions and 3 deletions
--- a/Femto.Api/Controllers/Auth/AuthController.cs
+++ b/Femto.Api/Controllers/Auth/AuthController.cs
@ -35,7 +35,7 @@ public class AuthController(
        );
        
        if (user is null)
-            return Forbid();
+            return this.BadRequest();
        
        var session = await authService.CreateStrongSession(user.Id);

--- a/Femto.Modules.Auth/Application/Services/AuthService.cs
+++ b/Femto.Modules.Auth/Application/Services/AuthService.cs
@ -15,10 +15,17 @@ internal class AuthService(AuthContext context, SessionStorage storage) : IAuthS
        CancellationToken cancellationToken = default
    )
    {
-        return await context
+        var user = await context
            .Users.Where(u => u.Username == username)
-            .Select(u => new UserInfo(u.Id, u.Username, u.Roles.Select(r => r.Role).ToList()))
            .SingleOrDefaultAsync(cancellationToken);
+        
+        if (user is null)
+            return null;
+
+        if (!user.HasPassword(password))
+            return null;
+        
+        return new UserInfo(user.Id, user.Username, user.Roles.Select(r => r.Role).ToList());
    }

    public Task<UserInfo?> GetUserWithId(Guid? userId, CancellationToken cancellationToken)
Author	SHA1	Message	Date
john	65ba3a6435	change login failure status code	2025-06-15 19:14:49 +02:00
john	a57515c33e	oops	2025-06-15 19:12:34 +02:00