From 3bc7de34ee53153eade8532ed212d70bc1273860 Mon Sep 17 00:00:00 2001
From: okatu-loli <CN_QianShi@hotmail.com>
Date: Tue, 10 Feb 2026 16:46:57 +0800
Subject: [PATCH] feat(auth): Add consistent error messaging for invalid login
 credentials

- Introduced `invalidLoginCredentialsMsg` constant for reusability
- Updated error responses in login flow to provide a consistent message
---
 server/handles/auth.go | 9 +++++----
 1 file changed, 5 insertions(+), 4 deletions(-)

diff --git a/server/handles/auth.go b/server/handles/auth.go
index 3520a459c3d..f59b4fb1ed7 100644
--- a/server/handles/auth.go
+++ b/server/handles/auth.go
@@ -26,8 +26,9 @@ import (
 
 var loginCache = cache.NewMemCache[int]()
 var (
-	defaultDuration = time.Minute * 5
-	defaultTimes    = 5
+	defaultDuration            = time.Minute * 5
+	defaultTimes               = 5
+	invalidLoginCredentialsMsg = "username or password is incorrect"
 )
 
 type LoginReq struct {
@@ -69,13 +70,13 @@ func loginHash(c *gin.Context, req *LoginReq) {
 	// check username
 	user, err := op.GetUserByName(req.Username)
 	if err != nil {
-		common.ErrorResp(c, err, 400)
+		common.ErrorStrResp(c, invalidLoginCredentialsMsg, 400)
 		loginCache.Set(ip, count+1)
 		return
 	}
 	// validate password hash
 	if err := user.ValidatePwdStaticHash(req.Password); err != nil {
-		common.ErrorResp(c, err, 400)
+		common.ErrorStrResp(c, invalidLoginCredentialsMsg, 400)
 		loginCache.Set(ip, count+1)
 		return
 	}