Diffstat (limited to 'src/security.rs')
-rw-r--r--src/security.rs18
1 files changed, 14 insertions, 4 deletions
diff --git a/src/security.rs b/src/security.rs
index 4a17fe3..c12a97f 100644
--- a/src/security.rs
+++ b/src/security.rs
@@ -3,10 +3,11 @@
use rand::{Rng, distributions::Alphanumeric};
use ::cookie::Cookie;
use time::{Duration, OffsetDateTime};
+use thiserror::Error;
pub use crate::signed::Key;
-use crate::{Error, request::Parts, response::Response};
+use crate::{request::Parts, response::Response};
/// A cookie-based CSRF token to be used with [`crate::request::Body::into_form_csrf`].
pub struct CsrfToken {
@@ -14,6 +15,15 @@ pub struct CsrfToken {
from_client: bool,
}
+#[derive(Error, Debug)]
+pub enum CsrfError {
+ #[error("expected csrf cookie")]
+ NoCookie,
+
+ #[error("csrf parameter doesn't match csrf cookie")]
+ Mismatch,
+}
+
impl CsrfToken {
/// Retrieves the CSRF token from a `csrf` cookie or generates
/// a new token and stores it as a cookie if it doesn't exist.
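Review bot: `CsrfError` is a new public enum with no doc comments, so rustdoc will list only the bare variant names. I would add `/// Reason a submitted CSRF token was rejected.` above the enum, `/// The request carried no csrf cookie to compare against.` on `NoCookie`, and `/// The submitted csrf parameter differs from the cookie value.` on `Mismatch`. Because the enum is public and further rejection reasons may be added later, `#[non_exhaustive]` is worth considering as well. The `impl CsrfToken` block that follows continues outside this hunk.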
@@ -34,12 +44,12 @@ impl CsrfToken {
format!("<input name=csrf type=hidden value=\"{}\">", self.token)
}
- pub(crate) fn matches(&self, str: String) -> Result<(), Error> {
+ pub(crate) fn matches(&self, str: String) -> Result<(), CsrfError> {
if !self.from_client {
- return Err(Error::bad_request("expected csrf cookie".to_string()))
+ return Err(CsrfError::NoCookie)
}
if self.token != str {
- return Err(Error::bad_request("csrf parameter doesn't match csrf cookie".to_string()))
+ return Err(CsrfError::Mismatch)
}
Ok(())
}
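Review bot: `self.token != str` in `matches` is an ordinary early-exit string comparison on a secret token; the usual choice for this check is a comparison whose timing does not depend on the position of the first differing byte, for example `let same = self.token.len() == str.len() && self.token.bytes().zip(str.bytes()).fold(0u8, |d, (a, b)| d | (a ^ b)) == 0;` followed by `if !same { return Err(CsrfError::Mismatch) }`. The practical exposure is probably small, but the change is cheap. Now that the function returns `CsrfError` instead of `Error::bad_request`, the HTTP status is decided by the caller, which is not visible in this hunk, so it is worth confirming that both variants still end in a 4xx response rather than a generic 500 path. The parameter name `str` also shadows the primitive type name, and `&str` would avoid requiring an owned `String`, though that changes the signature for callers.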