From d70644704a4a2565cb8e8150d1fcd67b6cf6b3d6 Mon Sep 17 00:00:00 2001
From: Ricardo Maraschini <ricardo.maraschini@gmail.com>
Date: Wed, 13 Nov 2024 14:32:26 +0100
Subject: [PATCH] bug: account for etcd leader changes error

if we fail to read the secret from etcd we should return an internal
server error and not an unauthorized error.
---
 pkg/handlers/middleware.go | 1 +
 pkg/handlers/session.go    | 2 +-
 2 files changed, 2 insertions(+), 1 deletion(-)

diff --git a/pkg/handlers/middleware.go b/pkg/handlers/middleware.go
index ea328f8a89..0525e1febb 100644
--- a/pkg/handlers/middleware.go
+++ b/pkg/handlers/middleware.go
@@ -99,6 +99,7 @@ func RequireValidSessionQuietMiddleware(kotsStore store.Store) mux.MiddlewareFun
 		return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
 			sess, err := requireValidSession(kotsStore, w, r)
 			if err != nil {
+				logger.Errorf("failed validating session: %s", err)
 				return
 			}
 
diff --git a/pkg/handlers/session.go b/pkg/handlers/session.go
index 2179f996ed..70bc84dafd 100644
--- a/pkg/handlers/session.go
+++ b/pkg/handlers/session.go
@@ -95,7 +95,7 @@ func requireValidSession(kotsStore store.Store, w http.ResponseWriter, r *http.R
 	passwordUpdatedAt, err := kotsStore.GetPasswordUpdatedAt()
 	if err != nil {
 		response := types.ErrorResponse{Error: util.StrPointer("failed to validate session with current password")}
-		JSON(w, http.StatusUnauthorized, response)
+		JSON(w, http.StatusInternalServerError, response)
 		return nil, err
 	}
 	if passwordUpdatedAt != nil && passwordUpdatedAt.After(sess.IssuedAt) {