Added customizable authentication failure HTTP code and location header

deitch / cansecurity

nodejs/expressjs authentication and security library

MIT License

150 stars 53 forks source link

Added customizable authentication failure HTTP code and location header #23

Closed ProgramCpp closed 7 years ago

ProgramCpp commented 7 years ago

Fix for issue #20 Can customize authentication failure HTTP response code and location header for the routes as below app.get("/secure/customloggedin",cansec.unauthenticated({code:302,location:"/login"}),cansec.restrictToLoggedIn,send200);

deitch commented 7 years ago

This looks pretty good, a few comments on the code itself.

ProgramCpp commented 7 years ago

Will submit all the changes based on your feedback on my comments. I wonder what can cansec.unauthenticated() be named as! Please suggest :)

deitch commented 7 years ago

Will submit all the changes based on your feedback on my comments

Thanks

please bump minor version number.
You have a great sample in the test, can you put that in the README? Pity for you to do all this work and no one knows it is there to use.

ProgramCpp commented 7 years ago

Updated README
Bumped minor version
Used HTTP code from package http-status-codes
Cleaned up checkLoggedIn()

ProgramCpp commented 7 years ago

Pending changes:

Rename unauthenticated to setUnauthenticatedCode
setUnauthenticatedCode should only set the custom code in the request and move on!

ProgramCpp commented 7 years ago

Pending Changes:

Include custom code in the declarative definitions. [verb,path,default,[test params,] test condition]
Have an option to set the global default.
Use global default for failures in session management?

deitch commented 7 years ago

This is great, thank you. And npm publish-ed as 3.2.0

For the other pending changes, we should do a separate PR.