Skip to content

GitLab

  • Projects
  • Groups
  • Snippets
  • Help
    • Loading...
  • Help
    • Help
    • Support
    • Community forum
    • Submit feedback
    • Contribute to GitLab
  • Sign in
concrexit
concrexit
  • Project overview
    • Project overview
    • Details
    • Activity
    • Releases
  • Repository
    • Repository
    • Files
    • Commits
    • Branches
    • Tags
    • Contributors
    • Graph
    • Compare
  • Issues 70
    • Issues 70
    • List
    • Boards
    • Labels
    • Service Desk
    • Milestones
  • Merge Requests 10
    • Merge Requests 10
  • Operations
    • Operations
    • Incidents
  • Analytics
    • Analytics
    • Repository
    • Value Stream
  • Members
    • Members
  • Collapse sidebar
  • Activity
  • Graph
  • Create a new issue
  • Commits
  • Issue Boards
  • thalia
  • concrexitconcrexit
  • Issues
  • #959

Closed
Open
Opened Nov 06, 2019 by Gijs Hendriksen@ghendriksenContributor

API authentication returns 400 when providing the wrong credentials

One-sentence description

The API /token-auth/ returns a 400 status code when the user passed incorrect credentials, which makes it unclear why the request was denied.

Why?

To make use of the correct HTTP status code, which could clarify the reason an authentication request was denied.

Current implementation

/token-auth/ returns a 400 when providing incorrect credentials

Suggested implementation

/token-auth/ returns a 401(?) when providing incorrect credentials

To upload designs, you'll need to enable LFS and have admin enable hashed storage. More information
Assignee
Assign to
None
Milestone
None
Assign milestone
Time tracking
None
Due date
None
Reference: thalia/concrexit#959