cube-js/cube

Returning custom HTTP error codes from `check_auth`

Open

#8136 opened on Apr 12, 2024

View on GitHub
 (9 comments) (10 reactions) (0 assignees)Rust (19,563 stars) (1,965 forks)batch import
configurationhelp wanted

Description

Is your feature request related to a problem? Please describe. Return an appropriate response code or even a custom one in the checkAuth function

Describe the solution you'd like Expose the res object to manipulate it , or return a 401 http response code

Additional context

module.exports = {
    checkAuth: async (req) => {
        const token = extractJwt(req);
        req.securityContext = await validateAndParseJwt(token);
        throw new Error("test"); // this causes cube to return http 500
    }
}

Contributor guide

Tech stack
javascriptnodejsrest api
Domain
authenticationbackendapi
Issue type
feature
DifficultyEstimated implementation difficulty for a new contributor, from 1 for very small changes to 5 for expert-level work.
3
Estimated timeA rough time range for an experienced contributor to investigate, implement, test, and prepare a pull request.
1-3 hours
Activity statusHow available the issue appears right now: fresh, active, stale, blocked, or waiting on maintainer input.
fresh
ClarityHow clearly the issue explains the expected change, acceptance criteria, and next step.
clear
Prerequisites
Node.jsExpress.js basics
Newbie friendlinessA 1-100 score estimating how approachable this issue is for first-time contributors.
70
Research direction
Understand how Cube's checkAuth function currently works and how authentication errors are handled. The issue suggests exposing the response object or allowing custom status codes. Examine files like cube/src/server/ or similar to see how the authentication middleware is implemented. Look at the discussions in issue #8136 for any proposed solutions. The goal is to modify checkAuth to allow returning custom HTTP error codes instead of always throwing a 500 error.