[#907] Suppress traceback upon an unauthorized login

1 files changed, 6 insertions, 2 deletions

diff --git a/service/pixelated/resources/login_resource.py b/service/pixelated/resources/login_resource.py
index 2a11b73e..6d6bee20 100644
--- a/service/pixelated/resources/login_resource.py
+++ b/service/pixelated/resources/login_resource.py
@@ -21,6 +21,7 @@ from pixelated.authentication import Authenticator
 from pixelated.config.leap import BootstrapUserServices
 from pixelated.resources import BaseResource, UnAuthorizedResource, IPixelatedSession
 from pixelated.resources import handle_error_deferred
+from twisted.cred.error import UnauthorizedLogin
 from twisted.internet import defer
 from twisted.logger import Logger
 from twisted.python.filepath import FilePath
@@ -145,8 +146,11 @@ class LoginResource(BaseResource):
             self._complete_bootstrap(user_auth, request)
 
         def render_error(error):
-            log.info('Login error for %s' % request.args['username'][0])
-            log.info('%s' % error)
+            if error.type is UnauthorizedLogin:
+                log.info('Unauthorized login for %s. User typed wrong username/password combination.' % request.args['username'][0])
+            else:
+                log.error('Authentication error for %s' % request.args['username'][0])
+                log.error('%s' % error)
             request.setResponseCode(UNAUTHORIZED)
             return self._render_template(request, 'Invalid username or password')