howto prevent www-authenticate header when using passport-http Basic + passport-local combination
instead of this:
next(null, false, { message: 'Authentication failed. Wrong username or password.' });
You can use this:
cb(new YourCustomError())
And "YourCustomError" can have a message, for me mine "YourCustomError" looks like:
class HttpError extends Error { constructor (msg = 'Invalid Request', status = 400) { super(msg) this.status = status }}class Forbidden extends HttpError { constructor (msg = 'Forbidden') { super(msg, 403) }}
Or probably new Error(<message>)
will work properly for you, too