That's actually possible, 400 is just the default code:
cancel("You're not allowed to do that", 403);
I'm not sure why we didn't show that in the video.
Edit: Unless you're saying that 403 should be the default code?
Sounds like 400 is the right code for cancelling a request in general.
The way you have it setup is fine in my opinion. Maybe add some sugar like: `needsAuth()` which would check for a user and would return `cancel("You're not allowed to do that", 403)` given the user does not exist.
I don't think that's necessary though. I like how it is right now.
The way you have it setup is fine in my opinion. Maybe add some sugar like: `needsAuth()` which would check for a user and would return `cancel("You're not allowed to do that", 403)` given the user does not exist.
I don't think that's necessary though. I like how it is right now.
Great work.