From e50f01f009ce91a14087bfab84f30c357e06dce2 Mon Sep 17 00:00:00 2001
From: Robby Zambito <contact@robbyzambito.me>
Date: Thu, 7 Aug 2025 01:06:18 -0400
Subject: Properly send unauthorized response for login

---
 internal/api/handlers.go | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'internal')

diff --git a/internal/api/handlers.go b/internal/api/handlers.go
index 8d328a6..6fb6361 100644
--- a/internal/api/handlers.go
+++ b/internal/api/handlers.go
@@ -60,7 +60,7 @@ func CreateLoginHandler(logs *[log_length]string, n *int, logChan chan string) h
 		var data map[string]any
 		if json.Unmarshal(body, &data) != nil {
 			addRotLog(logs, n, logChan, fmt.Sprintf(`{"authRequest": %s}`, string(body)))
-			http.Error(w, "Forbidden", http.StatusForbidden)
+			http.Error(w, `{"message": "Unauthorized"}`, http.StatusUnauthorized)
 			return
 		}
 
@@ -69,7 +69,7 @@ func CreateLoginHandler(logs *[log_length]string, n *int, logChan chan string) h
 				addRotLog(logs, n, logChan, fmt.Sprintf(`{"authRequest": {"email": "%s", "password": "XXXXXXXX", "loginTime": "%s", "success": false, "rememberMe": %t}}`, email, time.Now().UTC(), rememberMe))
 			}
 		}
-		http.Error(w, "Forbidden", http.StatusForbidden)
+		http.Error(w, `{"message": "Unauthorized"}`, http.StatusUnauthorized)
 	}
 }
 
-- 
cgit