fixed login error message on wrong username

2 files changed, 8 insertions, 6 deletions

diff --git a/users/lib/warden/strategies/secure_remote_password.rb b/users/lib/warden/strategies/secure_remote_password.rb
index 953e2e9..594e27e 100644
--- a/users/lib/warden/strategies/secure_remote_password.rb
+++ b/users/lib/warden/strategies/secure_remote_password.rb
@@ -30,11 +30,12 @@ module Warden
       end
 
       def initialize!
-        user = User.find_by_login(id)
-        session[:handshake] = user.initialize_auth(params['A'].hex)
-        custom! json_response(session[:handshake])
-      rescue RECORD_NOT_FOUND
-        fail! :login => "user_not_found"
+        if user = User.find_by_login(id)
+          session[:handshake] = user.initialize_auth(params['A'].hex)
+          custom! json_response(session[:handshake])
+        else
+          fail! :login => "user_not_found"
+        end
       end
 
       def json_response(object)
diff --git a/users/test/integration/api/account_flow_test.rb b/users/test/integration/api/account_flow_test.rb
index 4135485..add12fe 100644
--- a/users/test/integration/api/account_flow_test.rb
+++ b/users/test/integration/api/account_flow_test.rb
@@ -65,8 +65,8 @@ class AccountFlowTest < ActiveSupport::TestCase
   test "signup and wrong password login attempt" do
     srp = SRP::Client.new(@login, "wrong password")
     server_auth = srp.authenticate(self)
+    assert_json_error :password => "wrong password"
     assert !last_response.successful?
-    assert_equal "wrong password", server_auth["errors"]['password']
     assert_nil server_auth["M2"]
   end
 
@@ -76,6 +76,7 @@ class AccountFlowTest < ActiveSupport::TestCase
     assert_raises RECORD_NOT_FOUND do
       server_auth = srp.authenticate(self)
     end
+    assert_json_error :login => "could not be found"
     assert !last_response.successful?
     assert_nil server_auth
   end