Authentication/Authorization filters do not allow customizing api error responses #77
Description
Hi everyone,
First of all, let me say i am loving this framework, I have gone through 3 or 4 failed attempts to build a strongly-typed API that would work with SST and AWS lambdas, and this one really did the trick, so amazing work you've done here.
So, about filters:
Currently when implementing IAuthFilter, methods extractAuthData and authenticate only have a request context available and the behavior that can be controlled is that returning a principal is valid, any other return is invalid.
In these cases the library will automatically build the response status codes and the body, so if I couldn't find a way to customize the api response to set a custom body or status code.
Throwing an error will create a 500 response, so that's not good if it is a known error.
Finally, if setting a global error interceptor any thrown errors from the filter will not be picked up by it. Registering global error interceptor before the filters did not work for me.
Unless there is a way i haven't tried yet or a workaround, but i haven't seen any so far.
It'd be nice to either:
- Global error interceptor to catch errors thrown in filters.
- Have response context within the filters so to be able to customize a response for errors.
- Have some way of returning an invalid object that ts-lambda-api would get to build a customized api response.
Thanks!