fix: improve login error handling to distinguish database errors from auth failures
ValidateAndFill now checks the DB query result and returns sentinel errors (ErrDatabase, ErrInvalidCredentials, ErrUserEmptyCredentials) instead of hardcoded Chinese strings. The controller maps each sentinel to the appropriate i18n message, so users see "please contact admin" on DB errors instead of a misleading "wrong password" message. Non-DB errors still return a unified vague response to avoid leaking user existence.
This commit is contained in:
CaIon
@@ -3,7 +3,7 @@
|
||||
|
||||
# Common messages
|
||||
common.invalid_params: "无效的参数"
|
||||
common.database_error: "数据库错误,请稍后重试"
|
||||
common.database_error: "数据库出错,请联系管理员"
|
||||
common.retry_later: "请稍后重试"
|
||||
common.generate_failed: "生成失败"
|
||||
common.not_found: "未找到"
|
||||
|
||||
Reference in New Issue
Block a user