mirror/zerobyte
0
0
Fork 0
mirror of https://github.com/nicotsx/zerobyte.git synced 2026-04-17 21:37:06 -04:00
Code Issues Packages Projects Releases Wiki Activity
Files
2ff6451f374fdf1e18e47c5f792efaea4e862723
zerobyte/app/server/modules/auth/auth.errors.ts
Nico 2ff6451f37 test: use better-auth built-in test plugin (#599) 
test: use better-auth built-in test plugin

refactor: map auth errors server side

refactor: native trusted providers callback usage

<!-- This is an auto-generated comment: release notes by coderabbit.ai -->

## Summary by CodeRabbit

## Release Notes

* **New Features**
  * Enhanced SSO authentication error messaging with specific guidance for different failure scenarios (account linking required, email verification needed, banned accounts, invite-only access).

* **Chores**
  * Updated authentication dependencies to version 1.5.0.

* **Tests**
  * Extended test coverage for SSO error code handling and authentication scenarios.

<!-- end of auto-generated comment: release notes by coderabbit.ai -->
2026-03-01 15:10:50 +01:00

56 lines
1.6 KiB
TypeScript
Raw Blame History

export type LoginErrorCode =
| "ACCOUNT_LINK_REQUIRED"
| "EMAIL_NOT_VERIFIED"
| "INVITE_REQUIRED"
| "BANNED_USER"
| "SSO_LOGIN_FAILED";
const INVITE_REQUIRED_ERRORS = new Set([
"Access denied. You must be invited to this organization before you can sign in with SSO.",
"SSO sign-in is invite-only for this organization",
"unable to create session",
]);
export function mapAuthErrorToCode(error: string): LoginErrorCode {
let decoded: string;
try {
decoded = decodeURIComponent(error);
} catch {
return "SSO_LOGIN_FAILED";
}
if (decoded === "account not linked") {
return "ACCOUNT_LINK_REQUIRED";
}
if (decoded === "EMAIL_NOT_VERIFIED") {
return "EMAIL_NOT_VERIFIED";
}
if (decoded === "banned") {
return "BANNED_USER";
}
if (INVITE_REQUIRED_ERRORS.has(decoded)) {
return "INVITE_REQUIRED";
}
return "SSO_LOGIN_FAILED";
}
export function getLoginErrorDescription(errorCode: LoginErrorCode): string {
switch (errorCode) {
case "ACCOUNT_LINK_REQUIRED":
return "Your account exists but is not linked to this SSO provider. Sign in with username/password first, then enable auto linking in your provider settings or contact your administrator.";
case "EMAIL_NOT_VERIFIED":
return "Your identity provider did not mark your email as verified.";
case "INVITE_REQUIRED":
return "Access is invite-only. Ask an organization admin to send you an invitation before signing in with SSO.";
case "BANNED_USER":
return "You have been banned from this application. Please contact support if you believe this is an error.";
case "SSO_LOGIN_FAILED":
return "SSO authentication failed. Please try again.";
}
}
Reference in New Issue View Git Blame Copy Permalink