bug: account for etcd leader changes error

if we fail to read the secret from etcd we should return an internal server error and not an unauthorized error.
replicatedhq · Nov 13, 2024 · d706447 · d706447
1 parent 55b35f4
commit d706447
Show file tree

Hide file tree

Showing 2 changed files with 2 additions and 1 deletion.
diff --git a/pkg/handlers/middleware.go b/pkg/handlers/middleware.go
@@ -99,6 +99,7 @@ func RequireValidSessionQuietMiddleware(kotsStore store.Store) mux.MiddlewareFun
 		return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
 			sess, err := requireValidSession(kotsStore, w, r)
 			if err != nil {
+				logger.Errorf("failed validating session: %s", err)
 				return
 			}
 

diff --git a/pkg/handlers/session.go b/pkg/handlers/session.go
@@ -95,7 +95,7 @@ func requireValidSession(kotsStore store.Store, w http.ResponseWriter, r *http.R
 	passwordUpdatedAt, err := kotsStore.GetPasswordUpdatedAt()
 	if err != nil {
 		response := types.ErrorResponse{Error: util.StrPointer("failed to validate session with current password")}
-		JSON(w, http.StatusUnauthorized, response)
+		JSON(w, http.StatusInternalServerError, response)
 		return nil, err
 	}
 	if passwordUpdatedAt != nil && passwordUpdatedAt.After(sess.IssuedAt) {