access deny should not always redirect
tnclong opened this issue · 1 comments
tnclong commented
Can you share your thought here?
https://github.com/qor/auth/blob/master/authority/authority.go#L33
https://github.com/qor/auth/blob/master/authority/authority.go#L81
After valid the roles, I want write proto(json) message to front-end instead of redirect to login page.
I think the how to handle access deny is a configurable behavior.
// Config authority config
type Config struct {
Auth AuthInterface
Role *roles.Role
// RedirectPathAfterAccessDenied string
AccessDenyHandler func(w http.ResponseWriter, req *http.Request, auth AuthInterface)
}