For now I get a "Unauthorized" state back. Is it possible to overwrite the response on failed authorization and replace it for example with a JSON String?
Could you provide more details on how your controller looks, what kind of authentication/authorization are you using?
Furthermore, I found the best way to solve this is basically to write custom middleware (and then use a decorator to be able to use @MyAuth annotations). And in the middleware you have complete access to Request and Response, and you can send whatever you wish instead. ( https://tsed.io/docs/middlewares.html#specifics-parameters-decorators )
Could you provide more details on how your controller looks, what kind of authentication/authorization are you using?
Furthermore, I found the best way to solve this is basically to write custom middleware (and then use a decorator to be able to use @myauth annotations). And in the middleware you have complete access to Request and Response, and you can send whatever you wish instead. ( https://tsed.io/docs/middlewares.html#specifics-parameters-decorators )
Hello, thank you for your answer. I use passport-jwt authentications. Is it maybe possible for you to provide a short example for your auth and middleware? Just to see how the general function should be. below you can find my current controller:
import {BodyParams, Controller, Post, PathParams,Get, Session, Req, Status} from "@tsed/common";
import {ContactService} from "../services/ContactService";
import {Authenticate, Authorize, Arg} from "@tsed/passport";
import { ContactForm } from "../models/ContactForm";
import { Responses, Returns } from "@tsed/swagger";
import { Contact } from "../entities/Contact";
@Controller("/contact")
export class ContactCtrl{
constructor(private contactService: ContactService) {
}
//@BodyParams() contact: Contact
@Post("/")
async createMessage(@BodyParams() contactForm: ContactForm) {
return this.contactService.createMessage(contactForm);
}
@Get("/messages")
@Authorize("auth-jwt")
async getMessages(@Req() req: Req) {
return await this.contactService.getMessages();
}
}
So I think what you should try is to simply write a new middleware. (And a decorator too, because why not.)
If you look at the current middleware, you'll see it has a @Req() request argument, now, just add @Res() response to the list, and you'll be able to emit whatever you want instead of the throw new Unauthorized. It's just an Express.Response after all (which extends the standard NodeJS ServerResponse), so you can simply call something like this:
response.setHeader('content-type', 'application/json');
response.end(JSON.stringify(youStuff));
This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.
Most helpful comment
So I think what you should try is to simply write a new middleware. (And a decorator too, because why not.)
If you look at the current middleware, you'll see it has a
@Req() requestargument, now, just add@Res() responseto the list, and you'll be able to emit whatever you want instead of thethrow new Unauthorized. It's just an Express.Response after all (which extends the standard NodeJS ServerResponse), so you can simply call something like this: