not that relevant for the user as the daemon auth log already
contains that info, but for token it can be nice.
The API response is always just a plain "401 auth failure" in any
case (expired or wrong creds)
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
my $token_info = $user->{tokens}->{$token};
my $ctime = time();
- die "token expired\n" if $token_info->{expire} && ($token_info->{expire} < $ctime);
+ die "token '$token' access expired\n" if $token_info->{expire} && ($token_info->{expire} < $ctime);
die "invalid token value!\n" if !PVE::Cluster::verify_token($tokenid, $value);
my $expire = $usercfg->{users}->{$username}->{expire};
if ($expire && $expire < $ctime) {
- die "account expired\n" if !$noerr;
+ die "user '$username' access expired\n" if !$noerr;
return undef;
}