From 7da06ba424a5393ede5ba6b3fff9e75b71a8c11c Mon Sep 17 00:00:00 2001
From: Son <nguyenkims@users.noreply.github.com>
Date: Tue, 22 Feb 2022 22:12:36 +0100
Subject: [PATCH] return 422 if account not activated

---
 app/api/views/auth.py  | 2 +-
 tests/api/test_auth.py | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/app/api/views/auth.py b/app/api/views/auth.py
index 878c91c5..7a963ac7 100644
--- a/app/api/views/auth.py
+++ b/app/api/views/auth.py
@@ -62,7 +62,7 @@ def auth_login():
     elif user.disabled:
         return jsonify(error="Account disabled"), 400
     elif not user.activated:
-        return jsonify(error="Account not activated"), 400
+        return jsonify(error="Account not activated"), 422
     elif user.fido_enabled():
         # allow user who has TOTP enabled to continue using the mobile app
         if not user.enable_otp:
diff --git a/tests/api/test_auth.py b/tests/api/test_auth.py
index 0ced84c0..61428c11 100644
--- a/tests/api/test_auth.py
+++ b/tests/api/test_auth.py
@@ -22,7 +22,7 @@ def test_auth_login_success(flask_client, mfa: bool):
     Session.commit()
 
     r = flask_client.post(
-        url_for("api.auth_login"),
+        "/api/auth/login",
         json={
             "email": "abcd@gmail.com",
             "password": PASSWORD_2,