Shouldn't an authentication failure return status 401 as well?

Question

Shouldn't an authentication failure return status 401 as well?

sk91 opened this issue 11 years ago · comments

Antonio Aloisio · Answer 1 · Wed Feb 13 2019 22:13:56 GMT+0800 (China Standard Time)

why this has been closed? is it still valid?

Antonio Aloisio · Answer 2 · Wed Feb 13 2019 22:29:43 GMT+0800 (China Standard Time)

ok I guess this has been cloased because the callback you pass to the authorization method gets an error when there is an auth failure. In this case you can throw 401

Kovalov Maxim · Answer 3 · Wed Feb 13 2019 22:46:23 GMT+0800 (China Standard Time)

@gnuton sorry, don't remember exactly why I closed it. I fixed it for my self and made a pull request:

#13

Kovalov Maxim · Answer 4 · Wed Feb 13 2019 22:48:54 GMT+0800 (China Standard Time)

But it was ignored for more than 5 years ...