appirio-tech / tc-core-library-js


Behaviour of jwt authenticator #20

Open sharathkumaranbu opened 5 years ago

sharathkumaranbu commented 5 years ago

I see some potential improvements in the JWT Authenticator module which we use in every Topcoder API. Right now, if there is any error with the JWT token, the authenticator directly responds with a 403 (ideally it should have been 401) response, and the API which uses that module doesn't get a chance to modify the API response if necessary.

https://github.com/appirio-tech/tc-core-library-js/blob/master/lib/middleware/jwtAuthenticator.js#L33-L35

The response structure used in JWT Authenticator for error response wrapping is not in compliance with V5 standards and it creates inconsistency between Swagger and actual API response.

I recommend returning the error in the next() callback instead of returning the response directly, so that the API can handle the error and return an error response in compliance with V5 standards.

I hope it makes sense. If not, please let me know.

cc @cwdcwd @sachin-maheshwari

cwdcwd commented 5 years ago

Sorry, just catching up on this now. I think we have the 403 issue captured on #13. What does the current response structure look like, @sharathkumaranbu?

sharathkumaranbu commented 4 years ago

@cwdcwd The current response structure looks like:

```json
{
  "version": "v3",
  "result": {
    "success": false,
    "status": 403,
    "content": {
      "message": "No token provided."
    }
  }
}
```

But we just need the message in V5 standards, and the status code need not be present in the body separately as well.
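The change requested in this thread, as an added example that is not part of the issue or of tc-core-library-js: an authenticator that writes the v3-style 403 itself, beside one that passes the error to `next()` so an API-owned handler can return a message-only body with a 401. All function names, the injected `verify` callback and the `run` harness are hypothetical; the bodies and status codes are the ones quoted in the comments above.

```javascript
// Added example; every name here is hypothetical, not tc-core-library-js code.
function bearerToken(req) {
  const header = (req.headers && req.headers.authorization) || '';
  const [scheme, token] = header.split(' ');
  if (scheme !== 'Bearer' || !token) throw new Error('No token provided.');
  return token;
}
// Behaviour described in the issue: the middleware writes the v3-style 403 itself.
function respondDirectly(verify) {
  return (req, res, next) => {
    try {
      req.authUser = verify(bearerToken(req));
    } catch (e) {
      return res.status(403).json({
        version: 'v3',
        result: { success: false, status: 403, content: { message: e.message } },
      });
    }
    next();
  };
}
// Proposed behaviour: tag the error with a status and hand it to next().
function delegateToNext(verify) {
  return (req, res, next) => {
    try {
      req.authUser = verify(bearerToken(req));
    } catch (e) {
      e.status = 401; // the status the issue says an auth failure should carry
      return next(e);
    }
    next();
  };
}

// Error handler owned by the API: message-only body, status on the HTTP response.
function v5ErrorHandler(err, req, res, next) {
  res.status(err.status || 500).json({ message: err.message });
}

// Dependency-free stand-in for the Express chain (constructed for this example).
function run(middleware, errorHandler, req) {
  const out = { statusCode: 200, body: null };
  const res = {
    status(code) { out.statusCode = code; return res; },
    json(body) { out.body = body; return res; },
  };
  middleware(req, res, (err) => (err ? errorHandler(err, req, res, () => {}) : res.json({ ok: true })));
  return out;
}
```

With the second form, the status code and body shape are decided in one place per API, so the Swagger definition and the actual response cannot drift apart inside the shared middleware.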