fix: return errors to the frontend if thrown in auth provider

Author: dziraf

src/authentication/login.handler.ts

@@ -6,6 +6,7 @@ import type {
   AuthenticationMaxRetriesOptions,
   AuthenticationOptions,
 } from "../types.js";
+import { INVALID_AUTH_CONFIG_ERROR, WrongArgumentError } from "../errors.js";
 
 const getLoginPath = (admin: AdminJS): string => {
   const { loginPath, rootPath } = admin.options;
@@ -100,23 +101,37 @@ export const withLogin = (
     const context: AuthenticationContext = { req, res };
 
     let adminUser;
-    if (provider) {
-      adminUser = await provider.handleLogin(
-        {
-          headers: req.headers,
-          query: req.query,
-          params: req.params,
-          data: req.fields ?? {},
-        },
-        context
-      );
-    } else {
-      const { email, password } = req.fields as {
-        email: string;
-        password: string;
-      };
-      // "auth.authenticate" must always be defined if "auth.provider" isn't
-      adminUser = await auth.authenticate!(email, password, context);
+    try {
+      if (provider) {
+        adminUser = await provider.handleLogin(
+          {
+            headers: req.headers,
+            query: req.query,
+            params: req.params,
+            data: req.fields ?? {},
+          },
+          context
+        );
+      } else if (auth.authenticate) {
+        const { email, password } = req.fields as {
+          email: string;
+          password: string;
+        };
+        // "auth.authenticate" must always be defined if "auth.provider" isn't
+        adminUser = await auth.authenticate(email, password, context);
+      } else {
+        throw new WrongArgumentError(INVALID_AUTH_CONFIG_ERROR);
+      }
+    } catch (error) {
+      const errorMessage = error.message || error.error || "invalidCredentials";
+
+      const loginPage = await admin.renderLogin({
+        action: admin.options.loginPath,
+        errorMessage,
+        ...providerProps,
+      });
+
+      return res.status(400).send(loginPage);
     }
 
     if (adminUser) {

src/authentication/logout.handler.ts

@@ -22,7 +22,11 @@ export const withLogout = (
 
   router.get(logoutPath, async (request, response) => {
     if (provider) {
-      await provider.handleLogout({ req: request, res: response });
+      try {
+        await provider.handleLogout({ req: request, res: response });
+      } catch (error) {
+        console.error(error); // fail silently and still logout
+      }
     }
 
     request.session.destroy(() => {

src/buildAuthenticatedRouter.ts

@@ -7,15 +7,15 @@ import { withLogin } from "./authentication/login.handler.js";
 import { withLogout } from "./authentication/logout.handler.js";
 import { withProtectedRoutesHandler } from "./authentication/protected-routes.handler.js";
 import { buildAssets, buildRoutes, initializeAdmin } from "./buildRouter.js";
-import { OldBodyParserUsedError, WrongArgumentError } from "./errors.js";
+import {
+  INVALID_AUTH_CONFIG_ERROR,
+  MISSING_AUTH_CONFIG_ERROR,
+  OldBodyParserUsedError,
+  WrongArgumentError,
+} from "./errors.js";
 import { AuthenticationOptions, FormidableOptions } from "./types.js";
 import { withRefresh } from "./authentication/refresh.handler.js";
 
-const MISSING_AUTH_CONFIG_ERROR =
-  'You must configure either "authenticate" method or assign an auth "provider"';
-const INVALID_AUTH_CONFIG_ERROR =
-  'You cannot configure both "authenticate" and "provider". "authenticate" will be removed in next major release.';
-
 /**
  * @typedef {Function} Authenticate
  * @memberof module:@adminjs/express

src/errors.ts

@@ -1,3 +1,8 @@
+export const MISSING_AUTH_CONFIG_ERROR =
+  'You must configure either "authenticate" method or assign an auth "provider"';
+export const INVALID_AUTH_CONFIG_ERROR =
+  'You cannot configure both "authenticate" and "provider". "authenticate" will be removed in next major release.';
+
 export class WrongArgumentError extends Error {
   constructor(message: string) {
     super(message);