From 5938382627417e8277b808118dcc3994af178dbf Mon Sep 17 00:00:00 2001
From: Mike Salvatore <mike.s.salvatore@gmail.com>
Date: Fri, 22 Jul 2022 08:18:01 -0400
Subject: [PATCH] Island: Add note about 401 for invalid credentials

---
 monkey/monkey_island/cc/resources/auth/registration.py | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/monkey/monkey_island/cc/resources/auth/registration.py b/monkey/monkey_island/cc/resources/auth/registration.py
index 6c2124dd5..35b22fb4b 100644
--- a/monkey/monkey_island/cc/resources/auth/registration.py
+++ b/monkey/monkey_island/cc/resources/auth/registration.py
@@ -28,5 +28,7 @@ class Registration(AbstractResource):
             self._authentication_service.register_new_user(username, password)
             return make_response({"error": ""}, HTTPStatus.OK)
         # API Spec: HTTP status code for AlreadyRegisteredError should be 409 (CONFLICT)
+        # API Spec: HTTP status code for InvalidRegistrationCredentialsError should be 401
+        #           (UNAUTHORIZED). See https://www.rfc-editor.org/rfc/rfc7235#section-3.1
         except (InvalidRegistrationCredentialsError, AlreadyRegisteredError) as e:
             return make_response({"error": str(e)}, HTTPStatus.BAD_REQUEST)