API: return 401 for invalid session

author: Nihad Abbasov <narkoz.2008@gmail.com> 2012-09-20 08:38:08 -0700
committer: Nihad Abbasov <narkoz.2008@gmail.com> 2012-09-20 08:38:08 -0700
commit: b08d33f6a9a82e04f288fc0a4de6d4a7489795e1 (patch)
tree: 93c8e95787bc1657c088c919168b418115bdc0af /lib/api/session.rb
parent: 3dd940d4cbd72afed38eba49b557823a6a55eac2 (diff)
download: gitlab-ce-b08d33f6a9a82e04f288fc0a4de6d4a7489795e1.tar.gz
1 files changed, 2 insertions, 3 deletions
diff --git a/lib/api/session.rb b/lib/api/session.rb
index 5bcdf93abe9..b4050160ae4 100644
--- a/lib/api/session.rb
+++ b/lib/api/session.rb
@@ -8,14 +8,13 @@ module Gitlab
     post "/session" do
       resource = User.find_for_database_authentication(email: params[:email])
 
-      return forbidden! unless resource
+      return unauthorized! unless resource
 
       if resource.valid_password?(params[:password])
         present resource, with: Entities::UserLogin
       else
-        forbidden!
+        unauthorized!
       end
     end
   end
 end
-
author	Nihad Abbasov <narkoz.2008@gmail.com>	2012-09-20 08:38:08 -0700
committer	Nihad Abbasov <narkoz.2008@gmail.com>	2012-09-20 08:38:08 -0700
commit	b08d33f6a9a82e04f288fc0a4de6d4a7489795e1 (patch)
tree	93c8e95787bc1657c088c919168b418115bdc0af /lib/api/session.rb
parent	3dd940d4cbd72afed38eba49b557823a6a55eac2 (diff)
download	gitlab-ce-b08d33f6a9a82e04f288fc0a4de6d4a7489795e1.tar.gz