From 103c738e2aba3926c28cf72d9dc620429c37371d Mon Sep 17 00:00:00 2001
From: hzrd149 <github@hzrd149.com>
Date: Thu, 14 Nov 2024 06:59:20 -0600
Subject: [PATCH] fix http error codes

---
 src/auth/blossom.rs | 18 +++++++++---------
 1 file changed, 9 insertions(+), 9 deletions(-)

diff --git a/src/auth/blossom.rs b/src/auth/blossom.rs
index 14c6aec..367c0c6 100644
--- a/src/auth/blossom.rs
+++ b/src/auth/blossom.rs
@@ -24,18 +24,18 @@ impl<'r> FromRequest<'r> for BlossomAuth {
                     if let Ok(ev) = Event::from_json(j) {
                         ev
                     } else {
-                        return Outcome::Error((Status::new(403), "Invalid nostr event"));
+                        return Outcome::Error((Status::new(400), "Invalid nostr event"));
                     }
                 } else {
-                    return Outcome::Error((Status::new(403), "Invalid auth string"));
+                    return Outcome::Error((Status::new(400), "Invalid auth string"));
                 };
 
                 if event.kind != Kind::Custom(24242) {
-                    return Outcome::Error((Status::new(401), "Wrong event kind"));
+                    return Outcome::Error((Status::new(400), "Wrong event kind"));
                 }
                 if event.created_at > Timestamp::now() {
                     return Outcome::Error((
-                        Status::new(401),
+                        Status::new(400),
                         "Created timestamp is in the future",
                     ));
                 }
@@ -50,14 +50,14 @@ impl<'r> FromRequest<'r> for BlossomAuth {
                 }) {
                     let u_exp: Timestamp = expiration.parse().unwrap();
                     if u_exp <= Timestamp::now() {
-                        return Outcome::Error((Status::new(401), "Expiration invalid"));
+                        return Outcome::Error((Status::new(400), "Expiration invalid"));
                     }
                 } else {
-                    return Outcome::Error((Status::new(401), "Missing expiration tag"));
+                    return Outcome::Error((Status::new(400), "Missing expiration tag"));
                 }
 
                 if event.verify().is_err() {
-                    return Outcome::Error((Status::new(401), "Event signature invalid"));
+                    return Outcome::Error((Status::new(400), "Event signature invalid"));
                 }
 
                 info!("{}", event.as_json());
@@ -93,10 +93,10 @@ impl<'r> FromRequest<'r> for BlossomAuth {
                     }),
                 })
             } else {
-                Outcome::Error((Status::new(403), "Auth scheme must be Nostr"))
+                Outcome::Error((Status::new(400), "Auth scheme must be Nostr"))
             }
         } else {
-            Outcome::Error((Status::new(403), "Auth header not found"))
+            Outcome::Error((Status::new(401), "Auth header not found"))
         }
     }
 }