From 13b48cdd2d07d53f2eb2215e6509eea6b13bbba3 Mon Sep 17 00:00:00 2001
From: adarshm11 <amlearning2023@gmail.com>
Date: Fri, 2 Jan 2026 11:42:02 -0800
Subject: [PATCH 1/3] remove alias mention from verify

---
 api/main_endpoints/util/OfficeAccessCard.js | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/api/main_endpoints/util/OfficeAccessCard.js b/api/main_endpoints/util/OfficeAccessCard.js
index a9360f5da..18c1a6a35 100644
--- a/api/main_endpoints/util/OfficeAccessCard.js
+++ b/api/main_endpoints/util/OfficeAccessCard.js
@@ -19,8 +19,7 @@ function verifyCard(cardBytes) {
             return resolve(false);
           }
           if (!result) {
-            const description = cardBytes !== null ? cardBytes : alias;
-            logger.info(`Card: ${description} not found in the database`);
+            logger.info(`Card: ${cardBytes} not found in the database`);
           }
           return resolve(result); // return the document
         });

From a3f3ec87b3d9864a96c3ef88eee406ddf0c26f61 Mon Sep 17 00:00:00 2001
From: adarshm11 <amlearning2023@gmail.com>
Date: Fri, 2 Jan 2026 11:57:02 -0800
Subject: [PATCH 2/3] also fix which error is thrown for invalid api key

---
 api/main_endpoints/routes/OfficeAccessCard.js | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

diff --git a/api/main_endpoints/routes/OfficeAccessCard.js b/api/main_endpoints/routes/OfficeAccessCard.js
index 63eacaa60..d6567c268 100644
--- a/api/main_endpoints/routes/OfficeAccessCard.js
+++ b/api/main_endpoints/routes/OfficeAccessCard.js
@@ -4,7 +4,6 @@ const {
   SERVER_ERROR,
   NOT_FOUND,
   OK,
-  FORBIDDEN,
 } = require('../../util/constants').STATUS_CODES;
 const membershipState = require('../../util/constants').MEMBERSHIP_STATE;
 const express = require('express');
@@ -83,10 +82,10 @@ router.get('/verify', async (req, res) => {
 
   if (apiKey !== API_KEY) {
     writeLogToClient(req.method, {
-      statusCode: FORBIDDEN,
+      statusCode: UNAUTHORIZED,
       message: `Invalid API key: ${apiKey}`,
     });
-    return res.sendStatus(FORBIDDEN);
+    return res.sendStatus(UNAUTHORIZED);
   }
 
   const cardVerification = await verifyCard(cardBytes);

From 86637091a27f97cc54b392adf2e3bea26200a94a Mon Sep 17 00:00:00 2001
From: adarshm11 <amlearning2023@gmail.com>
Date: Fri, 2 Jan 2026 11:58:31 -0800
Subject: [PATCH 3/3] also fix the test that failed after last commit

---
 test/api/OfficeAccessCard.js | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

diff --git a/test/api/OfficeAccessCard.js b/test/api/OfficeAccessCard.js
index 28ee669cb..625f847cf 100644
--- a/test/api/OfficeAccessCard.js
+++ b/test/api/OfficeAccessCard.js
@@ -18,7 +18,6 @@ const {
   UNAUTHORIZED,
   NOT_FOUND,
   SERVER_ERROR,
-  FORBIDDEN,
 } = require('../../api/util/constants').STATUS_CODES;
 const {
   initializeTokenMock,
@@ -125,14 +124,14 @@ describe('OfficeAccessCard', () => {
       expect(result).to.have.status(BAD_REQUEST);
     });
 
-    it('Should return 403 with invalid api key', async () => {
+    it('Should return 401 with invalid api key', async () => {
       const params = new URLSearchParams();
       params.append('cardBytes', VALID_CARD_BYTES);
       const path = VERIFY_API_PATH + '?' + params.toString();
       const invalidApiKey = API_KEY + '-invalid-suffix';
       const result = await test.sendGetRequestWithApiKey(
         invalidApiKey + '', path);
-      expect(result).to.have.status(FORBIDDEN);
+      expect(result).to.have.status(UNAUTHORIZED);
     });
 
     it('Should return 404 with valid api key and unknown card', async () => {