Log the user-not-found and invalid-credentials cases separately

app/server/lib/App.pm

@@ -194,7 +194,9 @@ sub handle_login_form {
 
    try {
 
-      if( my $User = Request->authenticate_by_credentials( $credentials{'username'}, $credentials{'password'} ) ) {
+      my $User = Request->authenticate_by_credentials( $credentials{'username'}, $credentials{'password'} );
+
+      if( ref($User) ) {
          my @cookies = $User->generate_auth_cookies($parentFQDN);
 
          # On successful login, redirect with 302 to current URI
@@ -203,8 +205,16 @@ sub handle_login_form {
          ]);
          return 1;
       }
+      elsif( $User eq 'INVALID' ) {
+         flog("auth_cookie: credentials not valid for user '$credentials{'username'}'");
+         return 0;
+      }
+      elsif( $User eq 'NOTFOUND' ) {
+         flog("auth_cookie: user '$credentials{'username'}' not found in users.json: check file for errors");
+         return 0;
+      }
       else {
-         flog("auth_cookie: credentials not valid");
+         flog("auth_cookie: unknown error authenticating: check users.json for errors");
          return 0;
       }
    }

app/server/lib/Request.pm

@@ -15,7 +15,8 @@ use User;
 #
 # Returns:
 # - a User object, if $username matches a users.json record and $password can be validated; OR
-# - undef.
+# - 'NOTFOUND'; OR
+# - 'INVALID'
 
 sub authenticate_by_credentials {
    my $class = shift; # User class
@@ -26,7 +27,7 @@ sub authenticate_by_credentials {
 
    # Check that $user is also named in the users.json file
    unless($user->load($username)) {
-      return undef;
+      return 'NOTFOUND';
    }
 
    my $passwordEntry = $user->password();
@@ -36,7 +37,7 @@ sub authenticate_by_credentials {
 
    # Check that $password is correct for $user in the password file.
    unless( $salt && $encryptedPasswd && encrypt_password( $password, $salt ) eq $passwordEntry ) {
-      return undef;
+      return 'INVALID';
    }
 
    return $user;