1
0
mirror of https://github.com/flarum/core.git synced 2025-08-03 06:57:54 +02:00

Fix inconsistent status codes

HTTP 401 should be used when logging in (i.e. authenticating) would make
a difference; HTTP 403 is reserved for requests that fail because the
already authenticated user is not authorized (i.e. lacking permissions)
to do something.
This commit is contained in:
Franz Liedke
2019-08-20 07:19:55 +02:00
parent 70e98f810c
commit 04bcf1eef6
10 changed files with 53 additions and 24 deletions

View File

@@ -31,6 +31,7 @@ class ErrorServiceProvider extends AbstractServiceProvider
// 401 Unauthorized
'invalid_access_token' => 401,
'not_authenticated' => 401,
// 403 Forbidden
'forbidden' => 403,