Description

Currently, when not authenticated, the middleware in dart_frog_auth sends a response that has an empty body and status code 403. However, in applications like web sites, this is not ideal. Typically you would want to respond with an html body that informs the user they aren't logged in.

I propose adding an optional parameter to all the middleware called unauthenticatedResponse that takes a Handler?. If nothing is passed to the parameter, then it will use the existing default. If a function is passed, it will be returned if the request is not authenticated.

basicAuthentication<User>(
    unauthenticatedResponse: (context) => Response(body: /** HTML body */, status: HttpStatus.unauthenticated),
    authenticator: (context, username, password) {
        final userRepository = context.read<UserRepository>();
        return userRepository.fetchFromCredentials(username, password);
    },
)

Requirements

• All CI/CD checks are passing.
• There is no drop in the test coverage percentage.
• The unauthenticatedResponse parameter exists on all the middleware
• The change is documented in the Dart Frog docs in the authentication page

Additional Context

No response