2 files changed, 12 insertions, 4 deletions

diff --git a/service/pixelated/authentication.py b/service/pixelated/authentication.py
index aa1d8b5d..983086ce 100644
--- a/service/pixelated/authentication.py
+++ b/service/pixelated/authentication.py
@@ -42,7 +42,7 @@ class Authenticator(object):
         try:
             auth = yield self._bonafide_auth(username, password)
         except SRPAuthError:
-            raise UnauthorizedLogin()
+            raise UnauthorizedLogin("User typed wrong password/username combination.")
         returnValue(auth)
 
     @inlineCallbacks
@@ -59,7 +59,7 @@ class Authenticator(object):
         extracted_username = self.extract_username(username)
         if self.username_with_domain(extracted_username) == username:
             return extracted_username
-        raise UnauthorizedLogin()
+        raise UnauthorizedLogin('User typed a wrong domain.')
 
     def extract_username(self, username):
         return re.search('^([^@]+)@?.*$', username).group(1)
diff --git a/service/test/unit/test_authentication.py b/service/test/unit/test_authentication.py
index 90ef0a7c..3e1b4a10 100644
--- a/service/test/unit/test_authentication.py
+++ b/service/test/unit/test_authentication.py
@@ -32,7 +32,11 @@ class AuthenticatorTest(unittest.TestCase):
         mock_bonafide_session.authenticate = Mock(side_effect=SRPAuthError())
         with patch('pixelated.authentication.Session', return_value=mock_bonafide_session):
             with self.assertRaises(UnauthorizedLogin):
-                yield auth.authenticate('username', 'password')
+                try:
+                    yield auth.authenticate('username', 'password')
+                except UnauthorizedLogin as e:
+                    self.assertEqual("User typed wrong password/username combination.", e.message)
+                    raise
 
     @inlineCallbacks
     def test_domain_name_is_stripped_before_making_bonafide_srp_auth(self):
@@ -74,7 +78,11 @@ class AuthenticatorTest(unittest.TestCase):
         username_with_wrong_domain = '%s@%s' % (username_without_domain, 'wrongdomain.org')
         auth = Authenticator(self._leap_provider)
         with self.assertRaises(UnauthorizedLogin):
-            auth.clean_username(username_with_wrong_domain)
+            try:
+                auth.clean_username(username_with_wrong_domain)
+            except UnauthorizedLogin as e:
+                self.assertEqual("User typed a wrong domain.", e.message)
+                raise
 
     def test_username_with_domain(self):
         auth = Authenticator(self._leap_provider)