Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

FIDO2.complete_reg returns wrong status_code == 200 in exception handling #84

Open
41WhiteElephants opened this issue Jan 22, 2024 · 2 comments
Open

FIDO2.complete_reg returns wrong status_code == 200 in exception handling #84

41WhiteElephants opened this issue Jan 22, 2024 · 2 comments

Comments

@41WhiteElephants
Copy link

Please stick to HTTP convention and change status codes when you catch exceptions. When I was using your code in my wrappers to apply JWT auth into it, I found in negative test with wrong payload I cannot pass the line below 'cause it was always status_code == 200
assert response = client.post(url, wrong_payload, format='json') assert response.status_code == HTTP_400_BAD_REQUEST

As an example, code from mfa/FIDO2.py line 89.

return JsonResponse({'status': 'ERR', "message": "Error on server, please try again later"})
is using default status_code = 200 from base class HttpResponseBase .

expected code:
return JsonResponse({'status': 'ERR', "message": "Error on server, please try again later"}, status=status.HTTP_400_BAD_REQUEST)
The same goes for mfa/FIDO2.py line 55.
@mkalioby
Copy link
Owner

You can open a PR and I'll merge as ASAP.

@41WhiteElephants
Copy link
Author

Here #85

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@mkalioby @41WhiteElephants