401 -> 403

lib/middleware/require_auth.dart

@@ -7,7 +7,7 @@ Future<bool> requireAuth(RequestContext req, ResponseContext res,
     return true;
   else if (throws) {
     res.status(HttpStatus.UNAUTHORIZED);
-    throw new AngelHttpException.NotAuthenticated();
+    throw new AngelHttpException.Forbidden();
   }
   else return false;
 }

lib/strategies/local.dart

@@ -73,14 +73,19 @@ class LocalAuthStrategy extends AuthStrategy {
           ..header(HttpHeaders.WWW_AUTHENTICATE, 'Basic realm="$realm"')
           ..end();
         return false;
-      } else throw new AngelHttpException.NotAuthenticated();
+      } else return false;
     }
 
-    req.session['user'] = await Auth.serializer(verificationResult);
-    if (options.successRedirect != null && options.successRedirect.isNotEmpty) {
-      return res.redirect(options.successRedirect, code: HttpStatus.OK);
-    }
+    else if (verificationResult != null && verificationResult != false) {
+      req.session['userId'] = await Auth.serializer(verificationResult);
+      if (options.successRedirect != null &&
+          options.successRedirect.isNotEmpty) {
+        return res.redirect(options.successRedirect, code: HttpStatus.OK);
+      }
 
-    return true;
+      return true;
+    } else {
+      throw new AngelHttpException.NotAuthenticated();
+    }
   }
 }

pubspec.yaml

@@ -1,7 +1,7 @@
 name: angel_auth
 description: A complete authentication plugin for Angel.
-version: 1.0.0-dev
-author: thosakwe <thosakwe@gmail.com>
+version: 1.0.0-dev+5
+author: Tobe O <thosakwe@gmail.com>
 homepage: https://github.com/angel-dart/angel_auth
 dependencies:
   angel_framework: ">=0.0.0-dev < 0.1.0"