smpallen99 / coherence

Coherence is a full featured, configurable authentication system for Phoenix
MIT License
1.27k stars 225 forks source link

Error handling for missing attributes in JSON API #385

Open pavloo opened 6 years ago

pavloo commented 6 years ago

I'm using Coherence to implement authentication flows for HTTP API (Phoenix app exposes HTTP JSON API rather than renders HTML), and I need an improved error handling for cases when there are certain params missing in the request payload. So far I implemented registration and password reset flows with Coherence for my HTTP API, and I noticed that Coherence.RegistrationController has scrub_params and Coherence.PasswordController does not. The presence of scrub_params itself doesn't solve the issue though, it just raises Phoenix.MissingParamError(instead of errors from the code "deeper" because of missing params). I would like to be able to catch MissingParamError errors and return something like HTTP status 422 or 400 with error messages on the API level instead.

According to this elixirforum thread, we can provide our own implementation of scrub_params plug and catch Phoenix.MissinParamError. In my opinion, would be great if Coherence incorporated such an approach and either:

1) let users pass their own scrub_params implementations OR 2) we just provide our own implementation that catches errors and by convention calls to render error views.

If maintainers think this would be a handy feature to be added to the library, I'll gladly volunteer to provide an implementation. Otherwise I would highly appreciate if someone could advise me how to add the desired feature without requesting changes to the library.

Thanks.

smpallen99 commented 6 years ago

@pavloo I'm interested in anything that makes Coherence work better for APIs. I have just started using it myself for JSON API requests for an existing project, so your timing is perfect.

I'm not sure why scrub_params was missed on the Coherence.PasswordController. I'll have to take a look at that.

Let me test this on my own project and get opinionated on how to best solve it. I'll also look at the scrub_params override you mentioned.

pavloo commented 6 years ago

@smpallen99 sounds great, thanks! let me know if I can help with anything.