Fix handling of login errors

Change-Id: Ib8d6b7d3f8a8c572c07c45da3fd0f60fb2e58eb3
diff --git a/Changes b/Changes
index 8d88e0a..d149d19 100755
--- a/Changes
+++ b/Changes
@@ -1,6 +1,7 @@
-0.32 2018-12-19
+0.32 2019-01-29
         - Support attachements in metadata fields (#77).
         - Added ping request option to Piwik.
+        - Fix handling of login errors.
 
 0.31 2018-11-30
         - Update to Mojolicious >= 8.06.
diff --git a/lib/Kalamar/Plugin/Auth.pm b/lib/Kalamar/Plugin/Auth.pm
index 7693b45..640cc8b 100644
--- a/lib/Kalamar/Plugin/Auth.pm
+++ b/lib/Kalamar/Plugin/Auth.pm
@@ -173,9 +173,16 @@
 
           # There is an error here
           # Dealing with errors here
-          if (my $error = $jwt->{error}) {
+          if (my $error = $jwt->{error} // $jwt->{errors}) {
             if (ref $error eq 'ARRAY') {
-              $c->notify(error => $c->dumper($_));
+              foreach (@$error) {
+                unless ($_->[1]) {
+                  $c->notify(error => $c->loc('Auth_loginFail'));
+                }
+                else {
+                  $c->notify(error => $_->[0] . ($_->[1] ? ': ' . $_->[1] : ''));
+                };
+              };
             }
             else {
               $c->notify(error => 'There is an unknown JWT error');
diff --git a/t/plugin/auth.t b/t/plugin/auth.t
index 9828baf..b2089a1 100644
--- a/t/plugin/auth.t
+++ b/t/plugin/auth.t
@@ -58,6 +58,7 @@
 $t->get_ok('/')
   ->status_is(200)
   ->element_exists('div.notify-error')
+  ->text_is('div.notify-error', 'Bad CSRF token')
   ->element_exists('input[name=handle_or_email][value=test]')
   ->element_exists_not('div.button.top a')
   ;
@@ -76,6 +77,42 @@
 
 $t->post_ok('/user/login' => form => {
   handle_or_email => 'test',
+  pwd => 'ldaperr',
+  csrf_token => $csrf
+})
+  ->status_is(302)
+  ->content_is('')
+  ->header_is('Location' => '/');
+
+$csrf = $t->get_ok('/')
+  ->status_is(200)
+  ->element_exists('div.notify-error')
+  ->text_is('div.notify-error', '2022: LDAP Authentication failed due to unknown user or password!')
+  ->element_exists('input[name=handle_or_email][value=test]')
+  ->element_exists_not('div.button.top a')
+  ->tx->res->dom->at('input[name=csrf_token]')->attr('value')
+  ;
+
+$t->post_ok('/user/login' => form => {
+  handle_or_email => 'test',
+  pwd => 'unknown',
+  csrf_token => $csrf
+})
+  ->status_is(302)
+  ->content_is('')
+  ->header_is('Location' => '/');
+
+$csrf = $t->get_ok('/')
+  ->status_is(200)
+  ->element_exists('div.notify-error')
+  ->text_is('div.notify-error', 'Access denied')
+  ->element_exists('input[name=handle_or_email][value=test]')
+  ->element_exists_not('div.button.top a')
+  ->tx->res->dom->at('input[name=csrf_token]')->attr('value')
+  ;
+
+$t->post_ok('/user/login' => form => {
+  handle_or_email => 'test',
   pwd => 'pass',
   csrf_token => $csrf
 })
diff --git a/t/server/mock.pl b/t/server/mock.pl
index 18fd05d..79eeb90 100644
--- a/t/server/mock.pl
+++ b/t/server/mock.pl
@@ -229,6 +229,16 @@
           token_type => 'api_token'
         })
       );
+    }
+
+    elsif ($pwd eq 'ldaperr') {
+      return $c->render(
+        format => 'html',
+        status => 401,
+        json => {
+          "errors" => [[2022,"LDAP Authentication failed due to unknown user or password!"]]
+        }
+      );
     };
 
     return $c->render(