Skip to content

Commit

Permalink
Merge pull request #11704 from jredrejo/message_invalid_username
Browse files Browse the repository at this point in the history
Better handling of validation errors when remote facility does not require passwords
  • Loading branch information
rtibbles authored Jan 10, 2024
2 parents d840fb0 + 9bfe9ec commit 6ad58b3
Show file tree
Hide file tree
Showing 5 changed files with 26 additions and 3 deletions.
1 change: 1 addition & 0 deletions kolibri/core/assets/src/constants.js
Original file line number Diff line number Diff line change
Expand Up @@ -150,6 +150,7 @@ export const ERROR_CONSTANTS = {
ALREADY_REGISTERED_FOR_COMMUNITY: 'ALREADY_REGISTERED_FOR_COMMUNITY',
// 401 error constants
INVALID_CREDENTIALS: 'INVALID_CREDENTIALS',
INVALID_USERNAME: 'INVALID_USERNAME',
// 404 error constants
NOT_FOUND: 'NOT_FOUND',
INVALID_KDP_REGISTRATION_TOKEN: 'INVALID_KDP_REGISTRATION_TOKEN',
Expand Down
8 changes: 7 additions & 1 deletion kolibri/core/auth/tasks.py
Original file line number Diff line number Diff line change
Expand Up @@ -7,6 +7,7 @@
from django.core.management import call_command
from django.utils import timezone
from rest_framework import serializers
from rest_framework.exceptions import AuthenticationFailed
from rest_framework.exceptions import ValidationError

from kolibri.core.auth.constants.demographics import NOT_SPECIFIED
Expand Down Expand Up @@ -532,7 +533,12 @@ def validate(self, data):
facility_id = data["facility"]
username = data["username"]
password = data["password"]
facility_info = get_remote_users_info(baseurl, facility_id, username, password)
try:
facility_info = get_remote_users_info(
baseurl, facility_id, username, password
)
except AuthenticationFailed as e:
raise ValidationError(detail=str(e.detail), code=e.detail.code)
user_info = facility_info["user"]

# syncing using an admin account (username & password belong to the admin):
Expand Down
18 changes: 16 additions & 2 deletions kolibri/core/auth/utils/users.py
Original file line number Diff line number Diff line change
Expand Up @@ -49,9 +49,23 @@ def get_remote_users_info(baseurl, facility_id, username, password):
response.raise_for_status()
except (CommandError, HTTPError, ConnectionError) as e:
if password == NOT_SPECIFIED or not password:
raise AuthenticationFailed(
detail="Password is required", code=error_constants.MISSING_PASSWORD
facility_info_url = reverse_remote(
baseurl,
"kolibri:core:publicfacility-detail",
args=[
facility_id,
],
)
response = requests.get(facility_info_url)
if response.json()["learner_can_login_with_no_password"]:
raise AuthenticationFailed(
detail="The username can not be found",
code=error_constants.INVALID_USERNAME,
)
else:
raise AuthenticationFailed(
detail="Password is required", code=error_constants.MISSING_PASSWORD
)
else:
raise AuthenticationFailed(
detail=str(e), code=error_constants.AUTHENTICATION_FAILED
Expand Down
1 change: 1 addition & 0 deletions kolibri/core/error_constants.py
Original file line number Diff line number Diff line change
Expand Up @@ -15,6 +15,7 @@
PASSWORD_NOT_SPECIFIED = "PASSWORD_NOT_SPECIFIED"
# 401 error constants
INVALID_CREDENTIALS = "INVALID_CREDENTIALS"
INVALID_USERNAME = "INVALID_USERNAME"
# 404 error constants
NOT_FOUND = "NOT_FOUND"
FACILITY_DOES_NOT_EXIST = "FACILITY_DOES_NOT_EXIST"
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -284,6 +284,7 @@
ERROR_CONSTANTS.MISSING_PASSWORD,
ERROR_CONSTANTS.PASSWORD_NOT_SPECIFIED,
ERROR_CONSTANTS.AUTHENTICATION_FAILED,
ERROR_CONSTANTS.INVALID_USERNAME,
]);
const errorData = error.response.data;
Expand Down

0 comments on commit 6ad58b3

Please sign in to comment.