From 21ad6931b7a386aab9b4d5f54e8f405425a65fdd Mon Sep 17 00:00:00 2001
From: bluepython508 <bluepython508@users.noreply.github.io>
Date: Fri, 10 Nov 2023 00:23:33 +0000
Subject: [PATCH] Respond with unauthorized instead of error

---
 .../controllers/user_session_controller.ex      | 17 +++++++++++------
 lib/sso_bsn_web/router.ex                       |  2 +-
 2 files changed, 12 insertions(+), 7 deletions(-)

diff --git a/lib/sso_bsn_web/controllers/user_session_controller.ex b/lib/sso_bsn_web/controllers/user_session_controller.ex
index b4a81a1..a9d16e2 100644
--- a/lib/sso_bsn_web/controllers/user_session_controller.ex
+++ b/lib/sso_bsn_web/controllers/user_session_controller.ex
@@ -24,12 +24,17 @@ defmodule SsoBsnWeb.UserSessionController do
   end
 
   def check_auth(conn, _params) do
-    user = conn.assigns[:current_user]
-    conn
-    |> put_resp_header("X-Auth-Username", user.username)
-    |> json(%{
-      username: user.username
-    })
+    if user = conn.assigns[:current_user] do
+      conn
+      |> put_resp_header("X-Auth-Username", user.username)
+      |> json(%{
+        username: user.username
+      })
+    else 
+      conn
+      |> put_status(:unauthorized)
+      |> text("Unauthorized")
+    end
   end
 
   def redirect_next(conn, %{ "next" => next }) do
diff --git a/lib/sso_bsn_web/router.ex b/lib/sso_bsn_web/router.ex
index a094818..5525c5d 100644
--- a/lib/sso_bsn_web/router.ex
+++ b/lib/sso_bsn_web/router.ex
@@ -75,7 +75,7 @@ defmodule SsoBsnWeb.Router do
   end
 
   scope "/", SsoBsnWeb do
-    pipe_through [:api, :fetch_session, :fetch_current_user, :require_authenticated_user]
+    pipe_through [:api, :fetch_session, :fetch_current_user]
 
     get "/whoami", UserSessionController, :check_auth
   end