Closed jwashin closed 12 years ago
So I sort of feel like this falls outside of the scope of pyramid_rpc. There are two possible solutions here:
@view_config(context=HTTPForbidden, route_name='jsonrpc', renderer='json')
def jsonrpc_forbidden_view(request):
return {
'jsonrpc': '2.0',
'id': request.rpc_id,
'error': {
code=401,
message='Unauthorized',
},
}
To clarify, this should work because pyramid_rpc itself registers a similar view to handle all errors of type Exception, but since this one is a more specific type of exception, it will override that view and win in the case of an HTTPForbidden exception.
I like your solutions.
I will pursue the second solution in my app.
Thanks!
I want to have my pyjamas (json-rpc) client display a login dialog as a response to Forbidden.
Currently (git head), Forbidden is returned as JsonRpcRequestInvalid.
Invalid Request is defined in the JSON-RPC 2.0 spec http://jsonrpc.org/spec.html : The JSON sent is not a valid Request object.
Forbidden needs to be distinguished from Invalid Request.
I believe that, since the JSON-RPC spec requires a json-rpc response, the proper response would be a jsonrpc_error_response with an error code of 401, with message "Unauthorized".