express-basic-auth icon indicating copy to clipboard operation
express-basic-auth copied to clipboard
verified publisher icon LionC

Enable custom unauthorized handling via middleware (req, res, next)

Open matmar10 opened this issue 6 years ago • 4 comments

Background

Current behavior supports:

  • string (rendered as text in response)
  • object (rendered as JSON object in response)

Enhancement

Enable passing a normal middleware. This allows full customization of the response handling in the case of unauthorized:

  app.use(basicAuth({
    unauthorizedResponse: function(req, res, next) {
      // use an application's existing error handling stack
      if (req.auth) {
        next(new UnauthorizedError('Login required'));
        return;
      }
      // or send an html page
      if (req.accepts('html') {
        res.render('unauthorized');
        return;
      }
      // or whatever you like!
      res.status(403)
        send({
          message: 'That user will NEVER have access. Ever!'
        });
    }
  }));

matmar10 avatar May 30 '19 20:05 matmar10

It would be great if this was released. :)

andorfermichael avatar Dec 09 '19 12:12 andorfermichael

push push

dazwiafl avatar Apr 22 '20 09:04 dazwiafl

Bump?

AlphaJuliettOmega avatar Feb 18 '22 13:02 AlphaJuliettOmega