0

From router:

  pipeline :possibly_authorized do
    plug(:fetch_session)

    plug(
      Guardian.Plug.Pipeline,
      module: BoilerplateWeb.Guardian,
      error_handler: BoilerplateWeb.AuthErrorController
    )

    plug Guardian.Plug.VerifyHeader, realm: :none
    plug Guardian.Plug.LoadResource, allow_blank: true
  end

How do I make plug Guardian.Plug.VerifyHeader do nothing if token is missing or wrong? Now it raises error via error_handler.

Edit: The goal is to still check for the token, if it's present/valid then next plug (LoadResource) would get current_user, if not then current_user should be nil without raising.

4

1 回答 1

0

基于https://github.com/ueberauth/guardian/blob/v1.2.1/lib/guardian/plug/verify_header.ex#L94

你可以看到,当没有找到令牌时,监护人不会做任何事情,它只会在令牌无效时停止。

于 2019-04-06T17:40:40.273 回答