Custom error function still returning error 401 without body

[pipejesus]

Hi there, I took the code from the example and tried to enter bad credentials. I can't get the custom body to show up in the response: i just get the empty body with a 401 error response. Can there be a reason for such behaviour?

$app = new \Slim\App;

$app->add(new \Slim\Middleware\HttpBasicAuthentication([
    "path" => "/api",
    "realm" => "Protected",
    "users" => [
        "root" => "t00r",
        "somebody" => "passw0rd"
    ],
    "error" => function ($request, $response, $arguments) {
        $data = [];
        $data["status"] = "error";
        $data["message"] = $arguments["message"];
        return $response->write(json_encode($data, JSON_UNESCAPED_SLASHES));
    }
]));

[pipejesus]

Sorry! I didn't notice that it's a feature on the 3.x branch.

[tuupola]

NP. You should be pretty safe to use the 3.x branch. However there might be changes since PSR-15 is not finalized yet.

[tuupola]

Oh wait. It is not 3.x feature. Your code above should work with 2.x branch of the middleware too. Are you sure you are testing with the correct url? Are you running other authentication middleware such as slim-jwt-auth too?

Below is an example request with the code you provided above.

$ curl --include http://127.0.0.1:8080/api
HTTP/1.1 401 Unauthorized
Host: 127.0.0.1:8080
Date: Sun, 06 Aug 2017 19:42:15 +0000
Connection: close
X-Powered-By: PHP/7.1.6
Content-Type: text/html; charset=UTF-8
WWW-Authenticate: Basic realm="Protected"
Content-Length: 52

{"status":"error","message":"Authentication failed"}