Prune expired auth requests + add global max limit. Closes #2490

2022-12-23 20:20:59 -08:00
parent a5f6f49280
commit 87eeeffa1c
9 changed files with 175 additions and 14 deletions
--- a/controllers/auth/indieauth/server.go
+++ b/controllers/auth/indieauth/server.go
@@ -33,7 +33,7 @@ func handleAuthEndpointGet(w http.ResponseWriter, r *http.Request) {

 	request, err := ia.StartServerAuth(clientID, redirectURI, codeChallenge, state, me)
 	if err != nil {
-		// Return a human readable, HTML page as an error. JSON is no use here.
+		_ = controllers.WriteString(w, err.Error(), http.StatusInternalServerError)
 		return
 	}