replicatedhq · ricardomaraschini · Nov 20, 2024 · Nov 13, 2024 · Nov 20, 2024 · Nov 20, 2024
diff --git a/pkg/handlers/middleware.go b/pkg/handlers/middleware.go
@@ -99,6 +99,7 @@ func RequireValidSessionQuietMiddleware(kotsStore store.Store) mux.MiddlewareFun
 		return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
 			sess, err := requireValidSession(kotsStore, w, r)
 			if err != nil {
+				logger.Errorf("failed validating session: %s", err)
 				return
 			}
 

diff --git a/pkg/handlers/session.go b/pkg/handlers/session.go
@@ -95,7 +95,7 @@ func requireValidSession(kotsStore store.Store, w http.ResponseWriter, r *http.R
 	passwordUpdatedAt, err := kotsStore.GetPasswordUpdatedAt()
 	if err != nil {
 		response := types.ErrorResponse{Error: util.StrPointer("failed to validate session with current password")}
-		JSON(w, http.StatusUnauthorized, response)
+		JSON(w, http.StatusInternalServerError, response)
 		return nil, err
 	}
 	if passwordUpdatedAt != nil && passwordUpdatedAt.After(sess.IssuedAt) {

diff --git a/pkg/handlers/session_test.go b/pkg/handlers/session_test.go
@@ -400,7 +400,7 @@ func Test_requireValidSession_FailedToFetchPasswordUpdated_AfterSessionIssuedErr
 	req.Error(err)
 	req.Equal("failed to fetch password updatedAt", err.Error())
 	req.Equal(want, got)
-	req.Equal(401, w.Code)
+	req.Equal(500, w.Code)
 }
 
 func Test_requireValidSession_PasswordUpdated_AfterSessionIssuedErr(t *testing.T) {