From c9e8915f63d9462298d5f5a067938daf219402c4 Mon Sep 17 00:00:00 2001 From: Ricardo Maraschini Date: Wed, 13 Nov 2024 14:32:26 +0100 Subject: [PATCH] bug: account for etcd leader changes error if we fail to read the secret from etcd we should return an internal server error and not an unauthorized error. --- pkg/handlers/middleware.go | 1 + pkg/handlers/session.go | 2 +- 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/pkg/handlers/middleware.go b/pkg/handlers/middleware.go index ea328f8a89..0525e1febb 100644 --- a/pkg/handlers/middleware.go +++ b/pkg/handlers/middleware.go @@ -99,6 +99,7 @@ func RequireValidSessionQuietMiddleware(kotsStore store.Store) mux.MiddlewareFun return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { sess, err := requireValidSession(kotsStore, w, r) if err != nil { + logger.Errorf("failed validating session: %s", err) return } diff --git a/pkg/handlers/session.go b/pkg/handlers/session.go index 2179f996ed..70bc84dafd 100644 --- a/pkg/handlers/session.go +++ b/pkg/handlers/session.go @@ -95,7 +95,7 @@ func requireValidSession(kotsStore store.Store, w http.ResponseWriter, r *http.R passwordUpdatedAt, err := kotsStore.GetPasswordUpdatedAt() if err != nil { response := types.ErrorResponse{Error: util.StrPointer("failed to validate session with current password")} - JSON(w, http.StatusUnauthorized, response) + JSON(w, http.StatusInternalServerError, response) return nil, err } if passwordUpdatedAt != nil && passwordUpdatedAt.After(sess.IssuedAt) {