Returns the proper response body based on the rquest for 401.
This commit is contained in:
parent
889803151d
commit
3ac399f2ff
|
@ -14,7 +14,7 @@ module Devise
|
|||
if resource = mapping.to.authenticate_with_http(username, password)
|
||||
success!(resource)
|
||||
else
|
||||
custom!([401, custom_headers, ["HTTP Basic: Access denied.\n"]])
|
||||
custom!([401, custom_headers, [response_body]])
|
||||
end
|
||||
end
|
||||
|
||||
|
@ -28,6 +28,12 @@ module Devise
|
|||
ActiveSupport::Base64.decode64(request.authorization.split(' ', 2).last || '')
|
||||
end
|
||||
|
||||
def response_body
|
||||
body = "HTTP Basic: Access denied."
|
||||
method = :"to_#{request.format.to_sym}"
|
||||
{}.respond_to?(method) ? { :error => body }.send(method) : body
|
||||
end
|
||||
|
||||
def custom_headers
|
||||
{
|
||||
"Content-Type" => request.format.to_s,
|
||||
|
|
|
@ -20,6 +20,7 @@ class HttpAuthenticationTest < ActionController::IntegrationTest
|
|||
sign_in_as_new_user_with_http("unknown", "123456", :xml)
|
||||
assert_equal 401, status
|
||||
assert_equal "application/xml", headers["Content-Type"]
|
||||
assert response.body.include?("<error>HTTP Basic: Access denied.</error>")
|
||||
end
|
||||
|
||||
test 'returns a custom response with www-authenticate and chosen realm' do
|
||||
|
|
Loading…
Reference in New Issue