From router:
pipeline :possibly_authorized do
plug(:fetch_session)
plug(
Guardian.Plug.Pipeline,
module: BoilerplateWeb.Guardian,
error_handler: BoilerplateWeb.AuthErrorController
)
plug Guardian.Plug.VerifyHeader, realm: :none
plug Guardian.Plug.LoadResource, allow_blank: true
end
How do I make plug Guardian.Plug.VerifyHeader
do nothing if token is missing or wrong? Now it raises error via error_handler.
Edit: The goal is to still check for the token, if it's present/valid then next plug (LoadResource
) would get current_user, if not then current_user should be nil
without raising.
Based on https://github.com/ueberauth/guardian/blob/v1.2.1/lib/guardian/plug/verify_header.ex#L94
you can see that guardian will do nothing when token is not found, it only halt when the token is invalid.