fix(api): mask db related errors

[alicelovescake]

tldr;
This PR fixes the issue where errors caused by serverless functions can leak sensitive information

Changes made

• Created a generic error with message: "unknown error occurred" in packages/api/src/functions/dbAuth/errors.ts
• Added try catch blocks around all database calls within the file packages/api/src/functions/dbAuth/DbAuthHandler.ts in case of invalid client
• Catches error and console log actual error but throws the generic error
• Added additional tests to confirm expected behavior

Open to lots of feedback! Happy to iterate on the approach or verbiage of the generic error we want to show to user

---

closes #4679

[netlify]

✅ Deploy Preview for redwoodjs-docs canceled.

Name	Link
🔨 Latest commit	294be0e
🔍 Latest deploy log	https://app.netlify.com/sites/redwoodjs-docs/deploys/6253e331e5307a0008af4506

[dthyresson]

Thanks @alicelovescake - this appears to cover one of the cases described in #4679 where an dbAuth db error info can get leaked.

[dthyresson]

@alicelovescake Oh, I just realized that this is the framework and the app -- I realized that, too, when I wrote up that issue but forgot. You're right. Console is the only way to go. Sorry about that.

[alicelovescake]

@alicelovescake Oh, I just realized that this is the framework and the app -- I realized that, too, when I wrote up that issue but forgot. You're right. Console is the only way to go. Sorry about that.

no worries! You are probably juggling a million tickets and issues. Appreciate you taking a look at this one. Let me know anything else you recommend I should do get get this PR ready to merge!

[dthyresson]

Let me know anything else you recommend I should do get get this PR ready to merge!

Should we consider different naming for GenericError -- @dac09 thoughts?

Are there other dbauth-related errors?

[dac09]

This is an amazing PR and description (as always) @alicelovescake

I like the GenericError name too @dthyresson!

I assume there's already a test case for what it displays with GenericError on the frontend?

[alicelovescake]

This is an amazing PR and description (as always) @alicelovescake

I like the GenericError name too @dthyresson!

I assume there's already a test case for what it displays with GenericError on the frontend?

Thanks for the feedback @dac09! I added 3 tests in the /dbAuth/__tests__/DbAuthHandler.test.js that checks for this generic error if the dbAccessor is undefined (aka invalid client). Does this fit what you are looking for or is there another test you think I should write?

I know you already approved but I just want to resolve any questions before I merge!

[dac09]

Does this fit what you are looking for or is there another test you think I should write?

I think your tests are fine @alicelovescake - I was just checking if we had additional tests for custom login or signup error messages - and we do!

I've also manually verified on Gitpod that the messages do come through!

[jtoar]

Looks like the smoke test is failing consistently (nothing you did @alicelovescake!); and it seems to be the same as this issue that was just reported: #5104.