From d8a599baf9422d0de078d271b10bf2541e5154c0 Mon Sep 17 00:00:00 2001
From: NI <nirui@gmx.com>
Date: Mon, 6 Apr 2020 18:55:20 +0800
Subject: [PATCH] Separate invalid key and unmatched key error

---
 application/controller/socket.go        | 6 +++++-
 application/controller/socket_verify.go | 6 ++++--
 2 files changed, 9 insertions(+), 3 deletions(-)

diff --git a/application/controller/socket.go b/application/controller/socket.go
index e6b48ed..c3412dd 100644
--- a/application/controller/socket.go
+++ b/application/controller/socket.go
@@ -41,10 +41,14 @@ import (
 
 // Errors
 var (
-	ErrSocketAuthFailed = NewError(
+	ErrSocketInvalidAuthKey = NewError(
 		http.StatusForbidden,
 		"To use Websocket interface, a valid Auth Key must be provided")
 
+	ErrSocketAuthFailed = NewError(
+		http.StatusForbidden,
+		"Authentication has failed with provided Auth Key")
+
 	ErrSocketUnableToGenerateKey = NewError(
 		http.StatusInternalServerError,
 		"Unable to generate crypto key")
diff --git a/application/controller/socket_verify.go b/application/controller/socket_verify.go
index ff8b884..7eb6e83 100644
--- a/application/controller/socket_verify.go
+++ b/application/controller/socket_verify.go
@@ -98,6 +98,8 @@ func (s socketVerification) setServerConfigRespond(
 func (s socketVerification) Get(
 	w http.ResponseWriter, r *http.Request, l log.Logger) error {
 	hd := w.Header()
+	hd.Add("Cache-Control", "no-store")
+	hd.Add("Pragma", "no-store")
 
 	key := r.Header.Get("X-Key")
 
@@ -110,11 +112,11 @@ func (s socketVerification) Get(
 			return nil
 		}
 
-		return ErrSocketAuthFailed
+		return ErrSocketInvalidAuthKey
 	}
 
 	if len(key) > 64 {
-		return ErrSocketAuthFailed
+		return ErrSocketInvalidAuthKey
 	}
 
 	// Delay the brute force attack. Use it with connection limits (via