Custom 401 handler

[pronebird]

Looking at current code base I don't see any way to plug-in a custom error handler when invalid bearer token provided. Would be great to have a way to customize the response, e.g. in my case I output JSON with error description..

[todbot]

+1

[Kadrian]

I agree, what would need to be done to make 401 possible?

[aburkut]

+1

[peteruithoven]

I'm having the same issue. I opened: http://stackoverflow.com/questions/37330642/passport-local-mongoose-how-to-get-authentication-error-message

You could provide a callback to Passport's authenticate middleware, but then you'd have to parse the challenge string to get the useful information.

[jcyh0120]

+1, is there any workaround for this?

[mk-pmb]

@jcyh0120,

is there any workaround for this?

You can always intercept the middleware with another one that gives it a proxy (fake) response object and "next" function, and modify its response. npm probably has some modules for this purpose but I don't know any from head.

[rgilling]

+1 would be great if there was an option to resolve with an empty token instead of responding with 401 to the client. I had an issue where I wanted to support guest (no token) and registered requests. I got around it by adding an extra middleware that adds a dummy authorization header for guest accounts, but the better solution would be to allow the developer to handle the empty token.