From 57f0955d70185f7f318849479ac3f121977e161d Mon Sep 17 00:00:00 2001
From: ale <ale@incal.net>
Date: Tue, 30 Oct 2018 08:42:41 +0000
Subject: [PATCH] Failed group membership check should return 403, not 401

---
 server/http.go | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/server/http.go b/server/http.go
index f906689..8342edf 100644
--- a/server/http.go
+++ b/server/http.go
@@ -212,7 +212,7 @@ func (h *Server) handleHomepage(w http.ResponseWriter, req *http.Request, sessio
 			// service, because the 'g' parameter is untrusted at
 			// this stage.
 			if len(groups) == 0 {
-				http.Error(w, "Unauthorized", http.StatusUnauthorized)
+				http.Error(w, "Forbidden", http.StatusForbidden)
 				return
 			}
 		}
-- 
GitLab