Respond with 403 instead of 404 for non-existing user.

Signed-off-by: Jason Volk <jason@zemos.net>

docker/complement.sh

@@ -23,7 +23,6 @@ skip="TestPartialStateJoin.*"
 skip="${skip}|TestRoomDeleteAlias/Pa.*/Can_delete_canonical_alias"
 skip="${skip}|TestUnbanViaInvite.*"
 skip="${skip}|TestToDeviceMessagesOverFederation/stopped_server"
-skip="${skip}|TestLogin/parallel/POST_/login_as_non-existing_user_is_rejected"
 skip="${skip}|TestThreadReceiptsInSyncMSC4102"
 skip="${skip}|TestRoomCreate/Parallel/POST_/createRoom_makes_a_room_with_a_topic_and_writes_rich_topic_representation"
 skip="${skip}|TestRoomCreate/Parallel/POST_/createRoom_makes_a_room_with_a_topic_via_initial_state_overwritten_by_topic"

src/api/client/session/password.rs

@@ -86,6 +86,7 @@ pub(super) async fn password_login(
 				.password_hash(lowercased_user_id)
 				.map_ok(|hash| (hash, lowercased_user_id))
 		})
+		.map_err(|_| err!(Request(Forbidden("Wrong username or password."))))
 		.await?;
 
 	if hash.is_empty() {

tests/test_results/complement/test_results.jsonl

@@ -308,6 +308,7 @@
 {"Action":"pass","Test":"TestLogin/parallel"}
 {"Action":"pass","Test":"TestLogin/parallel/GET_/login_yields_a_set_of_flows"}
 {"Action":"pass","Test":"TestLogin/parallel/Login_with_uppercase_username_works_and_GET_/whoami_afterwards_also"}
+{"Action":"pass","Test":"TestLogin/parallel/POST_/login_as_non-existing_user_is_rejected"}
 {"Action":"pass","Test":"TestLogin/parallel/POST_/login_can_log_in_as_a_user_with_just_the_local_part_of_the_id"}
 {"Action":"pass","Test":"TestLogin/parallel/POST_/login_can_login_as_user"}
 {"Action":"pass","Test":"TestLogin/parallel/POST_/login_returns_the_same_device_id_as_that_in_the_request"}