fix(auth): return proper 403 for unverified email on login

Better Auth throws APIError("FORBIDDEN") when email is not verified,
but the signIn catch block didn't handle this case, causing a 500.
Now returns ForbiddenException with EMAIL_NOT_VERIFIED code so the
client can show the resend verification link.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Till JS 2026-03-17 12:33:27 +01:00
parent 14ca0ae0b5
commit f922d2c4a1

@ -551,6 +551,15 @@ export class BetterAuthService {
};
} catch (error: unknown) {
if (error instanceof Error) {
if (
error.message?.includes('Email not verified') ||
error.message?.includes('EMAIL_NOT_VERIFIED')
) {
throw new ForbiddenException({
message: 'Email not verified',
code: 'EMAIL_NOT_VERIFIED',
});
}
if (
error.message?.includes('invalid') ||
error.message?.includes('credentials') ||
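Review bot: the new first check inside `if (error instanceof Error)` decides the 403 from `error.message?.includes('Email not verified')` and `'EMAIL_NOT_VERIFIED'`, so the behaviour depends on the exact wording of an upstream error string and will silently fall back to the old 500 path if that wording changes. The commit message says Better Auth throws a typed `APIError("FORBIDDEN")` in this case; prefer matching on the error's type and whatever structured status or code it carries, and keep the substring match only as a fallback. Separately, please confirm this branch is only reachable after the password has been checked: the `invalid` / `credentials` branch below it returns a different response, so if an unverified account hits this path with a wrong password, the distinct `EMAIL_NOT_VERIFIED` code tells an unauthenticated caller that the address is registered. A test that signs in with an unverified account (correct and incorrect password) and asserts the status and `code` would pin both behaviours down.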