From 2fa29789de3b54c523f2c8238cf4ce8de90dd5e2 Mon Sep 17 00:00:00 2001
From: Daniel <dhaavi@users.noreply.github.com>
Date: Fri, 10 Jul 2020 13:21:10 +0200
Subject: [PATCH] Improve authenticator error handling

From PR Review https://github.com/safing/portbase/pull/59
---
 api/authentication.go | 2 +-
 api/main.go           | 3 ++-
 2 files changed, 3 insertions(+), 2 deletions(-)

diff --git a/api/authentication.go b/api/authentication.go
index 97c86c8..a7c2232 100644
--- a/api/authentication.go
+++ b/api/authentication.go
@@ -38,7 +38,7 @@ type Authenticator func(ctx context.Context, s *http.Server, r *http.Request) (e
 // SetAuthenticator sets an authenticator function for the API endpoint. If none is set, all requests will be permitted.
 func SetAuthenticator(fn Authenticator) error {
 	if module.Online() {
-		return ErrAuthenticationAlreadySet
+		return ErrAuthenticationImmutable
 	}
 
 	authFnLock.Lock()
diff --git a/api/main.go b/api/main.go
index e022f89..9b7fdc3 100644
--- a/api/main.go
+++ b/api/main.go
@@ -14,7 +14,8 @@ var (
 
 // API Errors
 var (
-	ErrAuthenticationAlreadySet = errors.New("the authentication function has already been set (or must be set earlier)")
+	ErrAuthenticationAlreadySet = errors.New("the authentication function has already been set")
+	ErrAuthenticationImmutable  = errors.New("the authentication function can only be set before the api has started")
 )
 
 func init() {