fix a bug

In the previous commit, the client would receive a failure message but would actually remain logged in after an authzid/authcid mismatch. This was a correctness rather than a security issue, but now it's fixed so that the client never logs in in the first place.
2019-12-25 15:06:26 -05:00 · 2019-12-25 15:06:26 -05:00 · 33c8b2177e
commit 33c8b2177e
parent c8ccf94936
4 changed files with 28 additions and 19 deletions
--- a/irc/errors.go
+++ b/irc/errors.go
@ -27,6 +27,7 @@ var (
 	errAccountVerificationInvalidCode = errors.New("Invalid account verification code")
 	errAccountUpdateFailed            = errors.New(`Error while updating your account information`)
 	errAccountMustHoldNick            = errors.New(`You must hold that nickname in order to register it`)
+	errAuthzidAuthcidMismatch         = errors.New(`authcid and authzid must be the same`)
 	errCallbackFailed                 = errors.New("Account verification could not be sent")
 	errCertfpAlreadyExists            = errors.New(`An account already exists for your certificate fingerprint`)
 	errChannelNotOwnedByAccount       = errors.New("Channel not owned by the specified account")