From 4c2c5f836b961cad0b064a945c2d1151da4088be Mon Sep 17 00:00:00 2001
From: Mick Stanciu <mick.stanciu@safetyculture.io>
Date: Mon, 5 Feb 2024 10:54:30 +1100
Subject: [PATCH] INTG-3224 fix api key validation (#113)

---
 app.go                          | 8 ++++----
 frontend/src/routes/Init.svelte | 2 +-
 2 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/app.go b/app.go
index 7b641df..22d14d7 100644
--- a/app.go
+++ b/app.go
@@ -175,12 +175,12 @@ func (a *App) ValidateApiKey(apiKey string) string {
 
 		if err != nil {
 			runtime.LogErrorf(a.ctx, "cannot check WhoAmI: %s", err.Error())
-			return err.Error()
+			return "cannot validate the credentials for the given ApiKey"
 		}
 
-		if res != nil && (res.UserID == "" || res.OrganisationID == "") {
-			runtime.LogErrorf(a.ctx, "cannot validate the credentials for the given ApiKey: %s", err.Error())
-			return err.Error()
+		if res == nil || (res != nil && res.UserID == "" || res.OrganisationID == "") {
+			runtime.LogErrorf(a.ctx, "cannot validate the credentials for the given ApiKey: %s", apiKey)
+			return "cannot validate the credentials for the given ApiKey"
 		}
 
 		runtime.LogInfo(a.ctx, "saving the key")
diff --git a/frontend/src/routes/Init.svelte b/frontend/src/routes/Init.svelte
index 456901c..2481fd7 100644
--- a/frontend/src/routes/Init.svelte
+++ b/frontend/src/routes/Init.svelte
@@ -26,7 +26,7 @@
             } else {
                 // check if it can auth
                 return ValidateApiKey(token).then(res => {
-                    if (res === false) {
+                    if (res !== "") {
                         return '/welcome'
                     } else {
                         return '/config'