Why is failureCallable not an Exception?
gerbenjacobs opened this issue · comments
I'm wondering why failureCallable
is a Closure and not a thrown Exception/Error?
With an exception we can use the Slim errorHandler functionality. Unless you use Slim for an API, I think there's a big chance that you're using the Custom Error Handling since you want errors to look good within your template.
I understand this would be difficult to change now, but I'm just wondering why this was chosen.
For completeness sake, this is what I'm doing to solve it for myself;
$guard->setFailureCallable(function($request, $response, $next) use ($errorHandler, $c){
return $errorHandler($c)($request, $response, new Exception('failed csrf check'));
});