Commit 1ca4712
committed
feat: add missing SAFE_ERROR_CODES for rate limiting and auth errors
Add error codes that are raised by constructive-db deployed functions but
were missing from the production error masking allowlist:
- IP_RATE_LIMITED (new — from rate_limits_module IP throttling)
- PASSWORD_RESET_LOCKED_EXCEED_ATTEMPTS (password reset lockout)
- CSRF_TOKEN_REQUIRED, INVALID_CSRF_TOKEN (CSRF validation)
- TOTP_NOT_ENABLED (TOTP verification)
- NULL_VALUES_DISALLOWED (reset_password validation)
- OBJECT_NOT_FOUND (invite/object lookups)
- LIMIT_REACHED (membership/invite limits)
- REQUIRES_ONE_OWNER (ownership constraints)
Without these, production clients would receive masked 'INTERNAL_SERVER_ERROR'
instead of the actionable error codes.1 parent 8a4291a commit 1ca4712
1 file changed
Lines changed: 13 additions & 0 deletions
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
36 | 36 | | |
37 | 37 | | |
38 | 38 | | |
| 39 | + | |
| 40 | + | |
| 41 | + | |
| 42 | + | |
| 43 | + | |
| 44 | + | |
| 45 | + | |
| 46 | + | |
| 47 | + | |
| 48 | + | |
| 49 | + | |
| 50 | + | |
| 51 | + | |
39 | 52 | | |
40 | 53 | | |
41 | 54 | | |
| |||
0 commit comments