From 3dd940d4cbd72afed38eba49b557823a6a55eac2 Mon Sep 17 00:00:00 2001
From: Nihad Abbasov <narkoz.2008@gmail.com>
Date: Thu, 20 Sep 2012 08:36:43 -0700
Subject: API: extend UserLogin entity from UserBasic

---
 lib/api/entities.rb | 8 +++-----
 1 file changed, 3 insertions(+), 5 deletions(-)

(limited to 'lib/api')

diff --git a/lib/api/entities.rb b/lib/api/entities.rb
index 5d8cc2765b1..a8b786aebb0 100644
--- a/lib/api/entities.rb
+++ b/lib/api/entities.rb
@@ -9,8 +9,8 @@ module Gitlab
       expose :id, :email, :name, :blocked, :created_at
     end
 
-    class UserLogin < Grape::Entity
-      expose :id, :email, :name, :private_token, :blocked, :created_at
+    class UserLogin < UserBasic
+      expose :private_token
     end
 
     class Hook < Grape::Entity
@@ -56,9 +56,7 @@ module Gitlab
     end
 
     class Key < Grape::Entity
-      expose  :id,
-              :title,
-              :key
+      expose  :id, :title, :key
     end
   end
 end
-- 
cgit v1.2.1


From b08d33f6a9a82e04f288fc0a4de6d4a7489795e1 Mon Sep 17 00:00:00 2001
From: Nihad Abbasov <narkoz.2008@gmail.com>
Date: Thu, 20 Sep 2012 08:38:08 -0700
Subject: API: return 401 for invalid session

---
 lib/api/session.rb | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

(limited to 'lib/api')

diff --git a/lib/api/session.rb b/lib/api/session.rb
index 5bcdf93abe9..b4050160ae4 100644
--- a/lib/api/session.rb
+++ b/lib/api/session.rb
@@ -8,14 +8,13 @@ module Gitlab
     post "/session" do
       resource = User.find_for_database_authentication(email: params[:email])
 
-      return forbidden! unless resource
+      return unauthorized! unless resource
 
       if resource.valid_password?(params[:password])
         present resource, with: Entities::UserLogin
       else
-        forbidden!
+        unauthorized!
       end
     end
   end
 end
-
-- 
cgit v1.2.1