Hi there,
we've been using the option to pass unauth_action = deny on to check authentication only but not redirect if no session is found (for paths of api endpoints only).
However since upgrading to the v 1.8.0, we see redirects on those paths as well.
Readme still states:
-- check session, do not redirect to auth if not already logged in but return an error instead
local res, err = require("resty.openidc").authenticate(opts, nil, "deny")
which is what we are using.
Does anyone know if there is a different way to configure this behaviour in the current version?
Best
Hi there,
we've been using the option to pass unauth_action = deny on to check authentication only but not redirect if no session is found (for paths of api endpoints only).
However since upgrading to the v 1.8.0, we see redirects on those paths as well.
Readme still states:
which is what we are using.
Does anyone know if there is a different way to configure this behaviour in the current version?
Best