From cabdff7177a57a53b2559b34e664795f71898490 Mon Sep 17 00:00:00 2001
From: Yanis Rigaudeau <yanis.rigaudeau@free.fr>
Date: Tue, 18 Oct 2022 00:41:20 +0200
Subject: [PATCH] changed return code

---
 api/src/framework/express/middleware.ts | 6 +++---
 api/src/framework/express/user.ts       | 2 +-
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/api/src/framework/express/middleware.ts b/api/src/framework/express/middleware.ts
index 846db09..89db7d6 100644
--- a/api/src/framework/express/middleware.ts
+++ b/api/src/framework/express/middleware.ts
@@ -57,7 +57,7 @@ export function checkPermissions(): RequestHandler {
     }
 
     if (!req.session.user) {
-      next({ status: 403, messsage: 'Forbidden' });
+      next({ status: 401, messsage: 'Unauthorized' });
       return;
     }
 
@@ -67,7 +67,7 @@ export function checkPermissions(): RequestHandler {
         req.session.user.role !== UserRoles.ADMIN) ||
       (!canAccess(req) && req.session.user.role !== UserRoles.ADMIN)
     ) {
-      next({ status: 403, messsage: 'Forbidden' });
+      next({ status: 401, messsage: 'Unauthorized' });
       return;
     }
 
@@ -79,7 +79,7 @@ export function checkPermissions(): RequestHandler {
       return;
     }
 
-    next({ status: 403, messsage: 'Forbidden' });
+    next({ status: 401, messsage: 'Unauthorized' });
   };
 }
 
diff --git a/api/src/framework/express/user.ts b/api/src/framework/express/user.ts
index a349cca..d4988fc 100644
--- a/api/src/framework/express/user.ts
+++ b/api/src/framework/express/user.ts
@@ -17,7 +17,7 @@ function LoginHandler(services: Services): RequestHandler {
     user ? (req.session.user = user) : (req.session.user = null);
     user
       ? res.status(200).send(user)
-      : next({ status: 404, message: 'wrong user or password' });
+      : next({ status: 401, message: 'wrong username or password' });
   };
 }