how to send custom response for auth failure

[msimerson]

I've got my app set up with passport-http and it authenticates requests as expected. Thanks for the app and docs.

My issue is that this project I'm working on is communicating with an XML driven API service sending me requests. All my responses need to be XML formatted. And they are, except for passport generated auth errors. There are no sessions, so every HTTP request will have auth data.

I've been poking around the code looking to see if there's a way to control the unauthorized response but it appears not. Did I miss something?