fix: ensure correct status code for unverified email in sign-in (#1262)

DilbertRV · web-flow · commit 1e6b27ad78f9 · 2025-01-22T07:54:13.000+03:00
diff --git a/packages/better-auth/src/api/routes/sign-in.ts b/packages/better-auth/src/api/routes/sign-in.ts
@@ -385,7 +385,7 @@ export const signInEmail = createAuthEndpoint(
 			!user.user.emailVerified
 		) {
 			if (!ctx.context.options?.emailVerification?.sendVerificationEmail) {
-				throw new APIError("UNAUTHORIZED", {
+				throw new APIError("FORBIDDEN", {
 					message: BASE_ERROR_CODES.EMAIL_NOT_VERIFIED,
 				});
 			}

Original file line number	Diff line number	Diff line change
`@@ -385,7 +385,7 @@ export const signInEmail = createAuthEndpoint(`
`385`	`385`	`!user.user.emailVerified`
`386`	`386`	`) {`
`387`	`387`	`if (!ctx.context.options?.emailVerification?.sendVerificationEmail) {`
`388`		`- throw new APIError("UNAUTHORIZED", {`
	`388`	`+ throw new APIError("FORBIDDEN", {`
`389`	`389`	`message: BASE_ERROR_CODES.EMAIL_NOT_VERIFIED,`
`390`	`390`	`});`
`391`	`391`	`}`