fix(express): Incorrest uses of 400 error codes (#1553)

Fixes incorrest usage of 400 HTTP responses being returned from the server, in favor of using 422. Also, changed a few return codes to 401 where it was more appropriate. See this article for reasoning behind moving to 422, and why 400 isn't appropriate for these cases. For ref: 6be12f8a06 Related: https://github.com/meanjs/mean/pull/1547 https://github.com/meanjs/mean/pull/1510
2026-03-20 02:41:54 +01:00 · 2016-10-10 16:00:24 -07:00
parent 607ed061e3
commit 0ea8cec120
7 changed files with 33 additions and 33 deletions
--- a/modules/users/server/controllers/users/users.password.server.controller.js
+++ b/modules/users/server/controllers/users/users.password.server.controller.js
@@ -50,7 +50,7 @@ exports.forgot = function (req, res, next) {
          }
        });
      } else {
-        return res.status(400).send({
+        return res.status(422).send({
          message: 'Username field must not be blank'
        });
      }
@@ -141,7 +141,7 @@ exports.reset = function (req, res, next) {

            user.save(function (err) {
              if (err) {
-                return res.status(400).send({
+                return res.status(422).send({
                  message: errorHandler.getErrorMessage(err)
                });
              } else {
@@ -161,7 +161,7 @@ exports.reset = function (req, res, next) {
              }
            });
          } else {
-            return res.status(400).send({
+            return res.status(422).send({
              message: 'Passwords do not match'
            });
          }
@@ -217,7 +217,7 @@ exports.changePassword = function (req, res, next) {

              user.save(function (err) {
                if (err) {
-                  return res.status(400).send({
+                  return res.status(422).send({
                    message: errorHandler.getErrorMessage(err)
                  });
                } else {
@@ -233,12 +233,12 @@ exports.changePassword = function (req, res, next) {
                }
              });
            } else {
-              res.status(400).send({
+              res.status(422).send({
                message: 'Passwords do not match'
              });
            }
          } else {
-            res.status(400).send({
+            res.status(422).send({
              message: 'Current password is incorrect'
            });
          }
@@ -249,12 +249,12 @@ exports.changePassword = function (req, res, next) {
        }
      });
    } else {
-      res.status(400).send({
+      res.status(422).send({
        message: 'Please provide a new password'
      });
    }
  } else {
-    res.status(400).send({
+    res.status(401).send({
      message: 'User is not signed in'
    });
  }