Hi !
First of all I’m using Lucee version 5.2.9.31.
I’m currently attempting to create a REST API using Lucee.
Here’s what I did so far :
- I can authenticate a user and return a token (JWT).
- I can check within the onRequestStart method whether the token is valid or not.
Here’s what my onRequestStart method does :
function onRequestStart(string targetPage){
if(getHTTPRequestData().method == "OPTIONS"){
RestSetResponse({"status" : 200});
return false;
}
// Check whether or not the requested ressources can be acccessed without a token.
if(tokenLessResources.contains(CGI.PATH_INFO)){
return true;
}
// Custom object to deal with tokens
var tokenUtil = new ws.pocAngular.tokenUtil();
try {
// Retrieve the token from the Authorization Header
var tokenString = tokenUtil.getTokenFromHttpRequestData(aRequestData: getHTTPRequestData());
// Check the validity of the token
var token = tokenUtil.verifyJWT(tokenString);
// The token status correspond to HTTP code (it might not be a good solution but it's for tests purposes only)
switch(token.getStatus()){
case 200:
// There I create a new token that will be returned to the client in addition to the requested data.
request.newToken = tokenUtil.getJwt(aMinutes: 60, aUserId: token.getOwner());
break;
case 400: case 401:
RestSetResponse({'status' : token.getStatus()});
// !!!! There I want to cancel the request but I also want to return the status.
break;
}
} catch (any e) {
RestSetResponse({'status' : 500});
// !!!! There I want to cancel the request but I also want to return the status.
}
return true;
}
I want to be able to return a 400 status to the client when the token isn’t valid and cancel the request.
I tried to return false but the error code couldn’t be returned owing to the fact that the request was cancelled.
If I return true, the error code is returned but the method corresponding to the requested ressources is still executed as the onRequestStart method returned true.
Let me know if you need more details 
Thanks !