diff --git a/robosats/middleware.py b/robosats/middleware.py index 12739db5..27b395a6 100644 --- a/robosats/middleware.py +++ b/robosats/middleware.py @@ -9,6 +9,7 @@ from django.utils.deprecation import MiddlewareMixin from django.http import JsonResponse from rest_framework.authtoken.models import Token +from api.errors import new_error from api.nick_generator.nick_generator import NickGenerator from api.utils import base91_to_hex, hex_to_base91, is_valid_token, validate_pgp_keys @@ -75,12 +76,7 @@ class RobotTokenSHA256AuthenticationMiddleWare: return response if not is_valid_token(token_sha256_b91): - return JsonResponse( - { - "bad_request": "Robot token SHA256 was provided in the header. However it is not a valid 39 or 40 characters Base91 string." - }, - status=400, - ) + return JsonResponse(new_error(7000), status=400) # Check if it is an existing robot. try: @@ -127,12 +123,7 @@ class RobotTokenSHA256AuthenticationMiddleWare: encrypted_private_key = request.COOKIES.get("encrypted_private_key", "") if not public_key or not encrypted_private_key or not nostr_pubkey: - return JsonResponse( - { - "bad_request": "On the first request to a RoboSats coordinator, you must provide as well a valid public and encrypted private PGP keys and a nostr pubkey" - }, - status=400, - ) + return JsonResponse(new_error(7001), status=400) ( valid, @@ -141,7 +132,7 @@ class RobotTokenSHA256AuthenticationMiddleWare: encrypted_private_key, ) = validate_pgp_keys(public_key, encrypted_private_key) if not valid: - return JsonResponse({"bad_request": bad_keys_context}, status=400) + return JsonResponse(new_error(7002, {"bad_keys_context": bad_keys_context}), status=400) # Hash the token_sha256, only 1 iteration. # This is the second SHA256 of the user token, aka RoboSats ID