fix(core): handle security handler errors in error handler

medama-io · Jun 12, 2024 · 9654503 · 9654503
1 parent 602bb47
commit 9654503
Showing 1 changed file with 9 additions and 4 deletions.
diff --git a/core/middlewares/errors.go b/core/middlewares/errors.go
@@ -7,6 +7,7 @@ import (
 	"strings"
 
 	"github.com/go-faster/jx"
+	"github.com/medama-io/medama/model"
 	"github.com/medama-io/medama/util/logger"
 	"github.com/ogen-go/ogen/ogenerrors"
 )
@@ -16,17 +17,21 @@ func ErrorHandler(ctx context.Context, w http.ResponseWriter, req *http.Request,
 	code := ogenerrors.ErrorCode(err)
 	errMessage := strings.ReplaceAll(err.Error(), "\"", "'")
 
-	log := logger.Get()
-	log.Error().
+	log := logger.Get().With().
 		Str("path", req.URL.Path).
 		Str("method", req.Method).
 		Int("status_code", code).
 		Str("message", errMessage).
 		Str("Connection", req.Header.Get("Connection")).
 		Str("Content-Type", req.Header.Get("Content-Type")).
 		Str("Content-Length", req.Header.Get("Content-Length")).
-		Str("User-Agent", req.Header.Get("User-Agent")).
-		Msg("error 500")
+		Str("User-Agent", req.Header.Get("User-Agent")).Logger()
+
+	if errors.Is(err, model.ErrUnauthorised) || code == http.StatusUnauthorized {
+		log.Warn().Msg("unauthorised")
+	} else {
+		log.Error().Msg(err.Error())
+	}
 
 	if errors.Is(err, ogenerrors.ErrSecurityRequirementIsNotSatisfied) {
 		errMessage = "missing security token or cookie"