I've noticed that Castra provides only two possible http status codes : 500 and 200.
I'm wondering why there is no support for 401, 403 and so on ?
How to deal with that when we want to add some security under castra. e.g. create login rpc and is_authenticated rpc which would periodically return statuses depending on if user is an authenicated or not.
My first thought was that I would like to be able to pass default exception handler for exceptions to be able to map it to specific responses (giving 401 or 403 status codes when appropriate).
Also the second problem for me is that e.g. when we want to intergrate with some existing security framework e.g. friend we have problems with propagating exception higher to friend. Castra catches everything and translates to error response. Giving optional exception handler would allow to e.g. rethrow such an exception.
Do You have any solution for above problems ?
Maybe I should change approach for security ?
(Currently I'm not allowing control to get into castra handler if not authenticated or authorized)