search

amrav / restify-jwt

restify middleware that validates a JsonWebToken (JWT) and sets the req.user with the attributes
Other
83 stars 30 forks source link

Error handling #11

Open lludol opened 8 years ago

lludol commented 8 years ago

Hello,

In the doc of your plugin, it's written that we can add our custom logic to manage unauthorized access.

With this code:

app.use(function (err, req, res, next) {
  if (err.name === 'UnauthorizedError') {
    res.send(401, 'invalid token...');
  }
});

But, if we read the doc of restify, the callback will receive only 3 parameters : req, res and next. (source: http://restify.com/#common-handlers-serveruse) I have tested with 4 parameters but the function only receive 3 parameters...

In my application, I am using your module only for route that need to be protected, like this:

app.get('/example/:id', jwt({ secret: mySecret }) , (req, res) => { /* the code of the route */ });

Did I miss something?

lludol commented 8 years ago

I have found a solution: 

server.on('InvalidCredentials', (req, res, error, next) => {
  error.body.code = 'Unauthorized';
  error.body.message = 'Your custom message';
  return next();
});

I don't think this is the best solution but it works...

pkid169 commented 7 years ago

@lludol @amrav Can we PR this (provided the above is the appropriate solution)?