keep-web needs to return user-visible errors
I tried to download a file from keep-web with an invalid token. In the browser, without using developer tools, there is no feedback to the user why it didn't work.
- There is no error page. For any 4xx or 5xx error it should return a minimal error page
- Despite the error is actually that the token is invalid, it returns 404 instead of 401
- A 404 can mean either that an item doesn't exist, or that the user doesn't have permission to see it. The error text should reflect that.
Sort of related, I also realized that if keep-web sets a cookie with the API token, there's no way for the user to clear that cookie without going into browser settings.