From ea4e19554b10118de47d5e60fd0cd44f90072d10 Mon Sep 17 00:00:00 2001
From: Alex Holliday <ajhollid@gmail.com>
Date: Thu, 24 Oct 2024 10:58:25 +0800
Subject: [PATCH] 403 -> 401 for incorrect password since 403 will be used for
 refresh tokens later

---
 Server/controllers/authController.js | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/Server/controllers/authController.js b/Server/controllers/authController.js
index fa59b4d05..3948934a2 100644
--- a/Server/controllers/authController.js
+++ b/Server/controllers/authController.js
@@ -279,10 +279,10 @@ const editUser = async (req, res, next) => {
 			const user = await req.db.getUserByEmail(email);
 			// Compare passwords
 			const match = await user.comparePassword(req.body.password);
-			// If not a match, throw a 403
+			// If not a match, throw a 401
 			if (!match) {
 				const error = new Error(errorMessages.AUTH_INCORRECT_PASSWORD);
-				error.status = 403;
+				error.status = 401;
 				next(error);
 				return;
 			}