return err if user wrong login type

controllers/user.go

@@ -90,6 +90,15 @@ func authenticateUser(response http.ResponseWriter, request *http.Request) {
 			return
 		}
 	}
+	user, err := logic.GetUser(authRequest.UserName)
+	if err != nil {
+		logic.ReturnErrorResponse(response, request, logic.FormatError(err, "unauthorized"))
+		return
+	}
+	if logic.IsOauthUser(user) == nil {
+		logic.ReturnErrorResponse(response, request, logic.FormatError(errors.New("user is registered via SSO"), "badrequest"))
+		return
+	}
 	username := authRequest.UserName
 	jwt, err := logic.VerifyAuthRequest(authRequest)
 	if err != nil {

logic/auth.go

@@ -139,10 +139,7 @@ func CreateUser(user *models.User) error {
 	if err := IsNetworkRolesValid(user.NetworkRoles); err != nil {
 		return errors.New("invalid network roles: " + err.Error())
 	}
-	user.AuthType = models.BasicAuth
-	if IsOauthUser(user) == nil {
-		user.AuthType = models.OAuth
-	}
+
 	var err = ValidateUser(user)
 	if err != nil {
 		logger.Log(0, "failed to validate user", err.Error())
@@ -156,7 +153,10 @@ func CreateUser(user *models.User) error {
 	}
 	// set password to encrypted password
 	user.Password = string(hash)
-
+	user.AuthType = models.BasicAuth
+	if IsOauthUser(user) == nil {
+		user.AuthType = models.OAuth
+	}
 	_, err = CreateUserJWT(user.UserName, user.PlatformRoleID)
 	if err != nil {
 		logger.Log(0, "failed to generate token", err.Error())