From e4ba09549ab54eef674a18e6747f7b54ea0f1124 Mon Sep 17 00:00:00 2001 From: Omar Roth Date: Fri, 20 Jul 2018 11:34:27 -0500 Subject: [PATCH] Change sign in messages to protect user privacy --- src/invidious.cr | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/src/invidious.cr b/src/invidious.cr index 73a8eee3..02210e84 100644 --- a/src/invidious.cr +++ b/src/invidious.cr @@ -761,12 +761,12 @@ post "/login" do |env| user = PG_DB.query_one?("SELECT * FROM users WHERE email = $1 AND password IS NOT NULL", email, as: User) if !user - error_message = "Cannot find user with ID #{email}." + error_message = "Invalid username or password" next templated "error" end if !user.password - error_message = "Account appears to be a Google account." + error_message = "Please sign in using 'Sign in with Google'" next templated "error" end @@ -782,13 +782,13 @@ post "/login" do |env| env.response.cookies["SID"] = HTTP::Cookie.new(name: "SID", value: sid, expires: Time.now + 2.years, secure: secure, http_only: true) else - error_message = "Invalid password" + error_message = "Invalid username or password" next templated "error" end elsif action == "register" user = PG_DB.query_one?("SELECT * FROM users WHERE email = $1 AND password IS NOT NULL", email, as: User) if user - error_message = "User already exists, please sign in" + error_message = "Please sign in" next templated "error" end