fix: log clearer internal error messages for verify (#1292)

supabase · Nov 6, 2023 · a8185db · a8185db
1 parent e7f1767
commit a8185db
Showing 1 changed file with 7 additions and 12 deletions.
diff --git a/internal/api/verify.go b/internal/api/verify.go
@@ -19,11 +19,6 @@ import (
 	"github.com/supabase/gotrue/internal/utilities"
 )
 
-var (
-	// indicates that a user should be redirected due to an error
-	errRedirectWithQuery = errors.New("redirect user")
-)
-
 const (
 	signupVerification      = "signup"
 	recoveryVerification    = "recovery"
@@ -520,13 +515,13 @@ func (a *API) verifyTokenHash(ctx context.Context, conn *storage.Connection, par
 
 	if err != nil {
 		if models.IsNotFoundError(err) {
-			return nil, expiredTokenError("Email link is invalid or has expired").WithInternalError(errRedirectWithQuery)
+			return nil, expiredTokenError("Email link is invalid or has expired").WithInternalError(err)
 		}
 		return nil, internalServerError("Database error finding user from email link").WithInternalError(err)
 	}
 
 	if user.IsBanned() {
-		return nil, unauthorizedError("Error confirming user").WithInternalError(errRedirectWithQuery)
+		return nil, unauthorizedError("Error confirming user").WithInternalMessage("user is banned")
 	}
 
 	var isExpired bool
@@ -548,7 +543,7 @@ func (a *API) verifyTokenHash(ctx context.Context, conn *storage.Connection, par
 	}
 
 	if isExpired {
-		return nil, expiredTokenError("Email link is invalid or has expired").WithInternalError(errRedirectWithQuery)
+		return nil, expiredTokenError("Email link is invalid or has expired").WithInternalMessage("email link has expired")
 	}
 
 	return user, nil
@@ -575,13 +570,13 @@ func (a *API) verifyUserAndToken(ctx context.Context, conn *storage.Connection,
 
 	if err != nil {
 		if models.IsNotFoundError(err) {
-			return nil, notFoundError(err.Error()).WithInternalError(errRedirectWithQuery)
+			return nil, notFoundError(err.Error()).WithInternalError(err)
 		}
 		return nil, internalServerError("Database error finding user").WithInternalError(err)
 	}
 
 	if user.IsBanned() {
-		return nil, unauthorizedError("Error confirming user").WithInternalError(errRedirectWithQuery)
+		return nil, unauthorizedError("Error confirming user").WithInternalMessage("user is banned")
 	}
 
 	var isValid bool
@@ -629,8 +624,8 @@ func (a *API) verifyUserAndToken(ctx context.Context, conn *storage.Connection,
 		isValid = isOtpValid(tokenHash, expectedToken, sentAt, config.Sms.OtpExp)
 	}
 
-	if !isValid || err != nil {
-		return nil, expiredTokenError("Token has expired or is invalid").WithInternalError(errRedirectWithQuery)
+	if !isValid {
+		return nil, expiredTokenError("Token has expired or is invalid").WithInternalMessage("token has expired or is invalid")
 	}
 	return user, nil
 }