fix(FastAPI): Use HTTPStatus instead of raw number

Signed-off-by: Steven Guikal <void@fluix.one>
2025-02-03 10:43:03 +01:00 · 2021-12-01 02:16:08 -05:00 · 2021-12-01 02:16:08 -05:00 · 42701514e7
commit 42701514e7
parent 0435c56a41
3 changed files with 14 additions and 7 deletions
--- a/aurweb/routers/errors.py
+++ b/aurweb/routers/errors.py
@ -1,14 +1,18 @@
+from http import HTTPStatus
+
 from aurweb.templates import make_context, render_template


 async def not_found(request, exc):
    context = make_context(request, "Page Not Found")
-    return render_template(request, "errors/404.html", context, 404)
+    return render_template(request, "errors/404.html", context,
+                           HTTPStatus.NOT_FOUND)


 async def service_unavailable(request, exc):
    context = make_context(request, "Service Unavailable")
-    return render_template(request, "errors/503.html", context, 503)
+    return render_template(request, "errors/503.html", context,
+                           HTTPStatus.SERVICE_UNAVAILABLE)

 # Maps HTTP errors to functions
 exceptions = {
--- a/aurweb/routers/html.py
+++ b/aurweb/routers/html.py
@ -221,4 +221,4 @@ async def metrics(request: Request):

@router.get("/raisefivethree", response_class=HTMLResponse)
 async def raise_service_unavailable(request: Request):
-    raise HTTPException(status_code=503)
+    raise HTTPException(status_code=HTTPStatus.SERVICE_UNAVAILABLE)
--- a/aurweb/routers/sso.py
+++ b/aurweb/routers/sso.py
@ -1,6 +1,7 @@
 import time
 import uuid

+from http import HTTPStatus
 from urllib.parse import urlencode

 import fastapi
@ -59,7 +60,8 @@ def open_session(request, conn, user_id):
    """
    if is_account_suspended(conn, user_id):
        _ = get_translator_for_request(request)
-        raise HTTPException(status_code=403, detail=_('Account suspended'))
+        raise HTTPException(status_code=HTTPStatus.FORBIDDEN,
+                            detail=_('Account suspended'))
        # TODO This is a terrible message because it could imply the attempt at
        #      logging in just caused the suspension.

@ -104,7 +106,7 @@ async def authenticate(request: Request, redirect: str = None, conn=Depends(aurw
    if is_ip_banned(conn, request.client.host):
        _ = get_translator_for_request(request)
        raise HTTPException(
-            status_code=403,
+            status_code=HTTPStatus.FORBIDDEN,
            detail=_('The login form is currently disabled for your IP address, '
                     'probably due to sustained spam attacks. Sorry for the '
                     'inconvenience.'))
@ -117,13 +119,14 @@ async def authenticate(request: Request, redirect: str = None, conn=Depends(aurw
        # Let’s give attackers as little information as possible.
        _ = get_translator_for_request(request)
        raise HTTPException(
-            status_code=400,
+            status_code=HTTPStatus.BAD_REQUEST,
            detail=_('Bad OAuth token. Please retry logging in from the start.'))

    sub = user.get("sub")  # this is the SSO account ID in JWT terminology
    if not sub:
        _ = get_translator_for_request(request)
-        raise HTTPException(status_code=400, detail=_("JWT is missing its `sub` field."))
+        raise HTTPException(status_code=HTTPStatus.BAD_REQUEST,
+                            detail=_("JWT is missing its `sub` field."))

    aur_accounts = conn.execute(select([Users.c.ID]).where(Users.c.SSOAccountID == sub)) \
                       .fetchall()