Guardian.Plug.VerifyHeader do nothing if no token / wrong token

Question

From router:

  pipeline :possibly_authorized do
    plug(:fetch_session)

    plug(
      Guardian.Plug.Pipeline,
      module: BoilerplateWeb.Guardian,
      error_handler: BoilerplateWeb.AuthErrorController
    )

    plug Guardian.Plug.VerifyHeader, realm: :none
    plug Guardian.Plug.LoadResource, allow_blank: true
  end

How do I make plug Guardian.Plug.VerifyHeader do nothing if token is missing or wrong? Now it raises error via error_handler.

Edit: The goal is to still check for the token, if it's present/valid then next plug (LoadResource) would get current_user, if not then current_user should be nil without raising.

VerifyHeader will check the header if it's present. If you don't want it to do anything if it's wrong then just don't include it — Jhon Pedroza, Apr 04 '19 at 19:59
Do you possibly mean how to make it do something else than raising an error? Doing nothing is kind of pointless as was already pointed out. Please try to describe your goal more clearly. — Patrick Oscity, Apr 05 '19 at 10:17

score 0 · Answer 1 · answered Apr 06 '19 at 17:40

0

Based on https://github.com/ueberauth/guardian/blob/v1.2.1/lib/guardian/plug/verify_header.ex#L94

you can see that guardian will do nothing when token is not found, it only halt when the token is invalid.

answered Apr 06 '19 at 17:40

ardhitama

1,949
2
18
29

Guardian.Plug.VerifyHeader do nothing if no token / wrong token

1 Answers1