From 753bf80642ff7e73896db8e2492f59e476744ebe Mon Sep 17 00:00:00 2001
From: Mark Monteiro <marknr.monteiro@protonmail.com>
Date: Mon, 13 Apr 2020 14:53:51 -0400
Subject: [PATCH 1/3] Handle 403 response codes at login and display an
 appropriate message

---
 src/controllers/auth/login.js | 5 +++--
 src/strings/en-us.json        | 1 +
 2 files changed, 4 insertions(+), 2 deletions(-)

diff --git a/src/controllers/auth/login.js b/src/controllers/auth/login.js
index 4296b8bfb3..440a777762 100644
--- a/src/controllers/auth/login.js
+++ b/src/controllers/auth/login.js
@@ -24,9 +24,10 @@ define(["apphost", "appSettings", "dom", "connectionManager", "loading", "layout
             page.querySelector("#txtManualPassword").value = "";
             loading.hide();
 
-            if (response.status === 401) {
+            if (response.status === 401 || response.status === 403) {
                 require(["toast"], function (toast) {
-                    toast(Globalize.translate("MessageInvalidUser"));
+                    var messageKey = response.status === 401 ? "MessageInvalidUser" : "MessageUnauthorizedUser"
+                    toast(Globalize.translate(messageKey));
                 });
             } else {
                 Dashboard.alert({
diff --git a/src/strings/en-us.json b/src/strings/en-us.json
index 990145ee95..a71505d57d 100644
--- a/src/strings/en-us.json
+++ b/src/strings/en-us.json
@@ -990,6 +990,7 @@
     "MessageInstallPluginFromApp": "This plugin must be installed from within the app you intend to use it in.",
     "MessageInvalidForgotPasswordPin": "An invalid or expired pin code was entered. Please try again.",
     "MessageInvalidUser": "Invalid username or password. Please try again.",
+    "MessageUnauthorizedUser": "You are not authorized to access the server at this time. Please contact your server administrator for more information.",
     "MessageItemSaved": "Item saved.",
     "MessageItemsAdded": "Items added.",
     "MessageLeaveEmptyToInherit": "Leave empty to inherit settings from a parent item or the global default value.",

From 4666da1d0b96c7c87995d24af363d86a180ba6f1 Mon Sep 17 00:00:00 2001
From: Mark Monteiro <marknr.monteiro@protonmail.com>
Date: Mon, 13 Apr 2020 15:37:57 -0400
Subject: [PATCH 2/3] Handle correct response code for parental control
 authentication failure

---
 src/components/appRouter.js   | 2 +-
 src/controllers/auth/login.js | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/components/appRouter.js b/src/components/appRouter.js
index a602d6dce8..17b51b376d 100644
--- a/src/components/appRouter.js
+++ b/src/components/appRouter.js
@@ -200,7 +200,7 @@ define(['loading', 'globalize', 'events', 'viewManager', 'layoutManager', 'skinM
 
         var apiClient = this;
 
-        if (data.status === 401) {
+        if (data.status === 403) {
             if (data.errorCode === "ParentalControl") {
 
                 var isCurrentAllowed = currentRouteInfo ? (currentRouteInfo.route.anonymous || currentRouteInfo.route.startup) : true;
diff --git a/src/controllers/auth/login.js b/src/controllers/auth/login.js
index 440a777762..35821f80f6 100644
--- a/src/controllers/auth/login.js
+++ b/src/controllers/auth/login.js
@@ -26,7 +26,7 @@ define(["apphost", "appSettings", "dom", "connectionManager", "loading", "layout
 
             if (response.status === 401 || response.status === 403) {
                 require(["toast"], function (toast) {
-                    var messageKey = response.status === 401 ? "MessageInvalidUser" : "MessageUnauthorizedUser"
+                    var messageKey = response.status === 401 ? "MessageInvalidUser" : "MessageUnauthorizedUser";
                     toast(Globalize.translate(messageKey));
                 });
             } else {

From e7f595c460ed8488f2b7107e67602bc81ffdddfa Mon Sep 17 00:00:00 2001
From: Mark Monteiro <marknr.monteiro@protonmail.com>
Date: Mon, 13 Apr 2020 16:41:24 -0400
Subject: [PATCH 3/3] Apply code review suggestions

---
 src/controllers/auth/login.js | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/src/controllers/auth/login.js b/src/controllers/auth/login.js
index 35821f80f6..4b679bbbd8 100644
--- a/src/controllers/auth/login.js
+++ b/src/controllers/auth/login.js
@@ -24,9 +24,10 @@ define(["apphost", "appSettings", "dom", "connectionManager", "loading", "layout
             page.querySelector("#txtManualPassword").value = "";
             loading.hide();
 
-            if (response.status === 401 || response.status === 403) {
+            const UnauthorizedOrForbidden = [401, 403];
+            if (UnauthorizedOrForbidden.includes(response.status)) {
                 require(["toast"], function (toast) {
-                    var messageKey = response.status === 401 ? "MessageInvalidUser" : "MessageUnauthorizedUser";
+                    const messageKey = response.status === 401 ? "MessageInvalidUser" : "MessageUnauthorizedUser";
                     toast(Globalize.translate(messageKey));
                 });
             } else {