1208b3bd40
Catch-all error handlers in lib/api/errors.js and server.js were echoing raw err.message to clients. Replace with a fixed generic message; the full error continues to be logged server-side via pino. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
49 lines
1.3 KiB
JavaScript
49 lines
1.3 KiB
JavaScript
import { log } from '../log.js';
|
|
|
|
export class ApiError extends Error {
|
|
constructor(code, message, status, details) {
|
|
super(message);
|
|
this.code = code;
|
|
this.status = status;
|
|
this.details = details;
|
|
}
|
|
}
|
|
|
|
export class NotFoundError extends ApiError {
|
|
constructor(message = 'not found', details) {
|
|
super('not_found', message, 404, details);
|
|
}
|
|
}
|
|
|
|
export class ValidationError extends ApiError {
|
|
constructor(message = 'validation failed', details) {
|
|
super('validation_failed', message, 400, details);
|
|
}
|
|
}
|
|
|
|
export class ConflictError extends ApiError {
|
|
constructor(message = 'conflict', details) {
|
|
super('conflict', message, 409, details);
|
|
}
|
|
}
|
|
|
|
export class ForbiddenError extends ApiError {
|
|
constructor(message = 'forbidden', details) {
|
|
super('forbidden', message, 403, details);
|
|
}
|
|
}
|
|
|
|
export function asyncWrap(fn) {
|
|
return (req, res, next) => Promise.resolve(fn(req, res, next)).catch(next);
|
|
}
|
|
|
|
export function errorMiddleware(err, _req, res, _next) {
|
|
if (err instanceof ApiError) {
|
|
const body = { error: { code: err.code, message: err.message } };
|
|
if (err.details !== undefined) body.error.details = err.details;
|
|
return res.status(err.status).json(body);
|
|
}
|
|
log.error({ err }, 'unhandled');
|
|
res.status(500).json({ error: { code: 'internal', message: 'internal server error' } });
|
|
}
|