errors for access denied and authorization required

2025-12-26 18:12:40 +00:00 · 2024-06-16 17:14:27 +02:00
parent f15c831b70
commit f07252d670
2 changed files with 45 additions and 12 deletions
--- a/client/homebrew/pages/errorPage/errors/errorIndex.js
+++ b/client/homebrew/pages/errorPage/errors/errorIndex.js
@@ -148,19 +148,55 @@ const errorIndex = (props)=>{
 		
 		**Brew Title:** ${props.brew.brewTitle}`,

+
+
+		// ####### Admin pages errors ####### 
+
+		'401': dedent`
+		## Authorization Required
+
+		You need to provide correct credentials to access this page.
+		
+		:
+		
+		This is an administrator only page to manage the site, if you should not have access, leave inmediately.
+
+		:
+
+		If you have received instructions to open this page, report 
+		as so at our subreddit or discord you will find in the home page.
+		`,
+		'403': dedent`
+		## Access Denied
+		
+		The credentials you entered are not correct, you may try again, attention, there is a limited number of tries before you are blocked.
+		
+		:
+
+		This is an administrator only page to manage the site, if you should not have access, leave inmediately.
+		
+		:
+		
+		If you have received instructions to open this page, report 
+		as so at our subreddit or discord you will find in the home page.
+		`,
+
 		'470' : dedent`
 		## You have runned out of attempts

-		You are trying to access the admin page, reserved for the administrators of this tool. 
-		This is not a page where regular users should be, please, refrain from further access attempts.
-
+		You have failed to provide correct credentials to access the page too many times, and you have run out of attempts.
+		
 		:
-
-		If you are a part of the administrators team who does not remember the correct credentials, 
-		please get in contact with the rest of the team before trying again.
-
+		
+		This is an administrator only page to manage the site, if you should not have access, leave inmediately.
+		
 		:
 		
+		If you have received instructions to open this page, report 
+		as so at our subreddit or discord you will find in the home page.
+		
+		::
+		
 		In any case, your attempts have been logged, and you will not be capable of doing any more attempt for now.
 		`,
 	};
--- a/server/admin.api.js
+++ b/server/admin.api.js
@@ -21,10 +21,7 @@ const mw = {
        loginLimiter,
        (req, res, next) => {
            if (!req.get('authorization')) {
-                return res
-                    .set('WWW-Authenticate', 'Basic realm="Authorization Required"')
-                    .status(401)
-                    .send('Authorization Required');
+                throw { HBErrorCode: '401', code: 401, message: 'Authorization Required' };
            }
            const [username, password] = Buffer.from(req.get('authorization').split(' ').pop(), 'base64')
                .toString('ascii')
@@ -32,7 +29,7 @@ const mw = {
            if (process.env.ADMIN_USER === username && process.env.ADMIN_PASS === password) {
                return next();
            }
-            return res.status(401).send('Access denied');
+            throw { HBErrorCode: '403', code: 403, message: 'Access denied' };
        }
    ]
 };