How should my web application handle common errors such as incorrect password, session timeout, etc.?
I have a class called Hotmail that contains various method such as login, logout etc.
To illustrate the confusion, I have a login method that logs the user into Hotmail via my software. The login method returns a HttpWebResponse object. But, within the login method any number of things could happen such as wrong credentials being entered or a timeout.
I’m in some confusion about how, and where to handle such errors.
In the case of the wrong credentials being entered, or a timeout, it would be pointless, or sometimes not possible to return a HttpWebResponse object. What would be the best way to handle such errors?
Should I create custom Exceptions so the code that’s calling the method can check for such errors and handle them?
What’s the conventional way to handle these sorts of errors as I’m sure this is a common point of confusion?
2
The conventional way is to return a custom Exception, and let the calling code decide what happens then.
Imagine that your “login” command is packaged as a library, and used in multiple applications. In one application, if there is a timeout, you want to display an error message and give up. In other application, in case of a timeout, you want to retry the method three times, and give up only if all three logins fail on timeout. By providing an exception, you give both applications an opportunity to do what they want.
It may be tempting, but don’t try to put both these two options into the “login” command, e.g. by adding a new parameter “howManyRetriesOnTimeout”. A third application may want to do something else. Also as a regeneral rule, it is not recommended to put multiple functionality (logging in, repeating on timeout) in a single method.
5
You should begin by dividing the possible errors into two categories: the ones that the user can possibly fix and the rest. Each of this categories should have a separate approach.
If there is a problem with credentials or the timeout was exceeded, the user should be informed about this in order to take measures. You should show the user a message indicating the problem in a user-friendly manner (i.e. do not print the stack trace).
What comes to creating custom exceptions, this isn’t really specific to the type of application you’re developing. All the general advice and best practices can be helpful. Also consider using status codes for such errors instead of throwing exceptions.
The examples you give are things that require user action. I suggest that you tell the user as clearly as plainly as possible what went wrong and what they need to do.
From the user experience site
Help users recognize, diagnose, and recover from errors – Error
messages should be easily read and understood by the users, and should
tell them what to do to fix this (e.g don’t write “Error 1052” and let
the users search the solution themselves, but instead write “We
couldn’t locate you. Please turn on your phone’s GPS under Settings”).
https://ux.stackexchange.com/a/17799/21611
1