From 4419f1cf2cbc39f80e808d69a47ccaf62686263d Mon Sep 17 00:00:00 2001
From: Aarni Halinen <aarni.halinen@gmail.com>
Date: Thu, 28 Jul 2022 01:04:38 +0300
Subject: [PATCH] Fix nginx_jwt_resp HTTP responses

---
 webapp/views.py | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/webapp/views.py b/webapp/views.py
index f882b53..1d2717f 100644
--- a/webapp/views.py
+++ b/webapp/views.py
@@ -339,13 +339,13 @@ class SignupViewSet(ModelViewSet):
 def nginx_jwt_resp(request, *args, **kwargs):
     accessKey = request.COOKIES.get("jwt_access", None)
     if not accessKey:
-        return HttpResponse("", status=401)
+        return HttpResponse("No valid access token", status=401)
     try:
         # This also verifies the signature.
         # See https://pyjwt.readthedocs.io/en/latest/usage.html#reading-the-claimset-without-validation
         token = decode(accessKey, settings.SECRET_KEY, algorithms=["HS256"])
     except InvalidTokenError:
-        return HttpResponse("", status=403)
+        return HttpResponse("Invalid access token", status=401)
     user = "admin" if token.get("username", "") == "admin" else "moderator"
     resp = HttpResponse("", status=200)
     resp["X-FBrowser-User"] = user