
FIDO2.complete_reg returns wrong status_code == 200 in exception handling #84

@41WhiteElephants

Please stick to HTTP convention and change status codes when you catch exceptions. When I was using your code in my wrappers to apply JWT auth to it, I found that in a negative test with a wrong payload I cannot pass the line below, 'cause it was always status_code == 200:
response = client.post(url, wrong_payload, format='json')
assert response.status_code == HTTP_400_BAD_REQUEST

As an example, code from mfa/FIDO2.py line 89.

return JsonResponse({'status': 'ERR', "message": "Error on server, please try again later"})
is using the default status_code = 200 from the base class HttpResponseBase.

Expected code:
return JsonResponse({'status': 'ERR', "message": "Error on server, please try again later"}, status=status.HTTP_400_BAD_REQUEST)
The same goes for mfa/FIDO2.py line 55.
