Recommend forwarding response headers with middleware

jeremyevans / rodauth

Ruby's Most Advanced Authentication Framework

http://rodauth.jeremyevans.net

MIT License

1.67k stars 95 forks source link

Recommend forwarding response headers with middleware #234

Closed janko closed 2 years ago

janko commented 2 years ago

Now that Roda 3.55 has been released, which adds the :forward_response_headers option to middleware plugin, I thought it would be useful to recommend using this option with Rodauth.

jeremyevans commented 2 years ago

In the example code you are modifying, no response headers are set. I don't believe Rodauth itself sets response headers for routes it does not handle. Are there cases where they actually happens? Basically, in the example given, does it make sense to use the option? If not, I don't think the example code should include the option. I'm fine mentioning the option in text below the example, explaining when it may be useful.

janko commented 2 years ago

Good point, no need to load the option if it's not needed. I think the only real use case is the remember feature, so I updated the PR to mention that.

jeremyevans commented 2 years ago

This looks good. I'll merge on Monday.

jeremyevans commented 2 years ago

Cherry-picked at aca3f01021eb9645170e3c10f9964eafad70c0bd