tweaking messages and status codes for user login

lib/index.js

@@ -205,21 +205,31 @@ module.exports = function(config_hash) {
 		})
 	})
 
-	app.put('/-/user/:org_couchdb_user', function(req, res, next) {
+	app.put('/-/user/:org_couchdb_user/:_rev?/:revision?', function(req, res, next) {
 		if (req.remoteUser != null) {
-			res.status(200)
+			res.status(201)
 			return res.send({
 				ok: 'you are authenticated as "' + req.remoteUser + '"',
 			})
 		} else {
 			if (typeof(req.body.name) !== 'string' || typeof(req.body.password) !== 'string') {
-				res.status(409)
-				return res.send({
-					ok: 'user/password is not found in request (npm issue?)',
-				})
+				return next(new UError({
+					status: 400,
+					message: 'user/password is not found in request (npm issue?)',
+				}))
 			}
 			config.add_user(req.body.name, req.body.password, function(err) {
-				if (err) return next(err)
+				if (err) {
+					if (err.status < 500 && err.message === 'this user already exists') {
+						// with npm registering is the same as logging in
+						// so we replace message in case of conflict
+						return next(new UError({
+							status: 409,
+							message: 'bad username/password, access denied'
+						}))
+					}
+					return next(err)
+				}
 
 				res.status(201)
 				return res.send({
@@ -229,20 +239,6 @@ module.exports = function(config_hash) {
 		}
 	})
 
-	app.put('/-/user/:org_couchdb_user/-rev/*', function(req, res, next) {
-		if (req.remoteUser == null) {
-			res.status(403)
-			return res.send({
-				error: 'bad username/password, access denied',
-			})
-		}
-
-		res.status(201)
-		return res.send({
-			ok: 'you are authenticated as "' + req.remoteUser + '"',
-		})
-	})
-
 	// tagging a package
 	app.put('/:package/:tag', can('publish'), media('application/json'), function(req, res, next) {
 		if (typeof(req.body) !== 'string') return next('route')