[management] replace invalid user with a clear error message about mismatched logins (#4097)

management/server/peer.go

@@ -857,7 +857,7 @@ func (am *DefaultAccountManager) LoginPeer(ctx context.Context, login types.Peer
 		if login.UserID != "" {
 			if peer.UserID != login.UserID {
 				log.Warnf("user mismatch when logging in peer %s: peer user %s, login user %s ", peer.ID, peer.UserID, login.UserID)
-				return status.Errorf(status.Unauthenticated, "invalid user")
+				return status.NewPeerLoginMismatchError()
 			}
 
 			changed, err := am.handleUserPeer(ctx, transaction, peer, settings)
@@ -1106,7 +1106,7 @@ func checkAuth(ctx context.Context, loginUserID string, peer *nbpeer.Peer) error
 	}
 	if peer.UserID != loginUserID {
 		log.WithContext(ctx).Warnf("user mismatch when logging in peer %s: peer user %s, login user %s ", peer.ID, peer.UserID, loginUserID)
-		return status.Errorf(status.Unauthenticated, "can't login with this credentials")
+		return status.NewPeerLoginMismatchError()
 	}
 	return nil
 }

management/server/status/error.go

@@ -110,11 +110,16 @@ func NewUserBlockedError() error {
 	return Errorf(PermissionDenied, "user is blocked")
 }
 
-// NewPeerNotRegisteredError creates a new Error with NotFound type for a missing peer
+// NewPeerNotRegisteredError creates a new Error with Unauthenticated type unregistered peer
 func NewPeerNotRegisteredError() error {
 	return Errorf(Unauthenticated, "peer is not registered")
 }
 
+// NewPeerLoginMismatchError creates a new Error with Unauthenticated type for a peer that is already registered for another user
+func NewPeerLoginMismatchError() error {
+	return Errorf(Unauthenticated, "peer is already registered by a different User or a Setup Key")
+}
+
 // NewPeerLoginExpiredError creates a new Error with PermissionDenied type for an expired peer
 func NewPeerLoginExpiredError() error {
 	return Errorf(PermissionDenied, "peer login has expired, please log in once more")