return 401 for login failures (#15432)

* return 401 for login failures * only setup the rate limiter when configured
2024-12-10 07:42:55 -06:00
parent 0b9c4c18dd
commit 6b12a45a95
4 changed files with 13 additions and 6 deletions
--- a/web/src/api/index.tsx
+++ b/web/src/api/index.tsx
@@ -29,8 +29,11 @@ export function ApiProvider({ children, options }: ApiProviderType) {
            error.response &&
            [401, 302, 307].includes(error.response.status)
          ) {
-            window.location.href =
-              error.response.headers.get("location") ?? "login";
+            // redirect to the login page if not already there
+            const loginPage = error.response.headers.get("location") ?? "login";
+            if (window.location.href !== loginPage) {
+              window.location.href = loginPage;
+            }
          }
        },
        ...options,
--- a/web/src/components/auth/AuthForm.tsx
+++ b/web/src/components/auth/AuthForm.tsx
@@ -63,7 +63,7 @@ export function UserAuthForm({ className, ...props }: UserAuthFormProps) {
          toast.error("Exceeded rate limit. Try again later.", {
            position: "top-center",
          });
-        } else if (err.response?.status === 400) {
+        } else if (err.response?.status === 401) {
          toast.error("Login failed", {
            position: "top-center",
          });