Merge pull request #806 from opengisch/QF-3296-token-error

opengisch · Oct 24, 2023 · 4a530d6 · 4a530d6
2 parents 9299e45 + d09048a
commit 4a530d6
Show file tree

Hide file tree

Showing 3 changed files with 13 additions and 5 deletions.
diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml
@@ -44,7 +44,7 @@ jobs:
         run: |
           ln -s docker-compose.override.local.yml docker-compose.override.yml
 
-      - name: Check env vars coniguration
+      - name: Check env vars configuration
         run: |
           scripts/check_envvars.sh
 

diff --git a/docker-app/qfieldcloud/authentication/authentication.py b/docker-app/qfieldcloud/authentication/authentication.py
@@ -4,11 +4,11 @@
 from django.utils import timezone
 from django.utils.translation import gettext as _
 from qfieldcloud.core.models import User
-from rest_framework import exceptions
 from rest_framework.authentication import (
     TokenAuthentication as DjangoRestFrameworkTokenAuthentication,
 )
 
+from ..core.exceptions import AuthenticationViaTokenFailedError
 from .models import AuthToken
 
 
@@ -54,13 +54,13 @@ def authenticate_credentials(self, key):
         try:
             token = model.objects.get(key=key)
         except model.DoesNotExist:
-            raise exceptions.AuthenticationFailed(_("Invalid token."))
+            raise AuthenticationViaTokenFailedError(_("Invalid token."))
 
         if not token.is_active:
-            raise exceptions.AuthenticationFailed(_("Token has expired."))
+            raise AuthenticationViaTokenFailedError(_("Token has expired."))
 
         if not token.user.is_active:
-            raise exceptions.AuthenticationFailed(_("User inactive or deleted."))
+            raise AuthenticationViaTokenFailedError(_("User inactive or deleted."))
 
         # update the token last used time
         # NOTE the UPDATE may be performed already on the `token = model.objects.get(key=key)`, but we lose "token has expired" exception.

diff --git a/docker-app/qfieldcloud/core/exceptions.py b/docker-app/qfieldcloud/core/exceptions.py
@@ -48,6 +48,14 @@ class AuthenticationFailedError(QFieldCloudException):
     status_code = status.HTTP_401_UNAUTHORIZED
 
 
+class AuthenticationViaTokenFailedError(QFieldCloudException):
+    """Raised when QFieldCloud incoming request includes incorrect authentication token."""
+
+    code = "token_authentication_failed"
+    message = "Token authentication failed"
+    status_code = status.HTTP_401_UNAUTHORIZED
+
+
 class NotAuthenticatedError(QFieldCloudException):
     """Raised when QFieldCloud unauthenticated request fails the permission checks."""