passport-http-bearer icon indicating copy to clipboard operation
passport-http-bearer copied to clipboard

Published 20 hours ago verified publisher icon jaredhanson

Custom 401 handler

Open pronebird opened this issue 8 years ago • 7 comments

Looking at current code base I don't see any way to plug-in a custom error handler when invalid bearer token provided. Would be great to have a way to customize the response, e.g. in my case I output JSON with error description..

pronebird avatar Jul 14 '15 21:07 pronebird

+1

todbot avatar Jan 13 '16 02:01 todbot

I agree, what would need to be done to make 401 possible?

Kadrian avatar Jun 11 '16 12:06 Kadrian

+1

aburkut avatar Sep 21 '16 09:09 aburkut

I'm having the same issue. I opened: http://stackoverflow.com/questions/37330642/passport-local-mongoose-how-to-get-authentication-error-message

You could provide a callback to Passport's authenticate middleware, but then you'd have to parse the challenge string to get the useful information.

peteruithoven avatar Dec 20 '16 13:12 peteruithoven

+1, is there any workaround for this?

jcyh0120 avatar Jan 24 '17 03:01 jcyh0120

@jcyh0120,

is there any workaround for this?

You can always intercept the middleware with another one that gives it a proxy (fake) response object and "next" function, and modify its response. npm probably has some modules for this purpose but I don't know any from head.

mk-pmb avatar Jan 24 '17 16:01 mk-pmb

+1 would be great if there was an option to resolve with an empty token instead of responding with 401 to the client. I had an issue where I wanted to support guest (no token) and registered requests. I got around it by adding an extra middleware that adds a dummy authorization header for guest accounts, but the better solution would be to allow the developer to handle the empty token.

rgilling avatar Feb 04 '17 07:02 rgilling