401 Unauthorized

You must log in to access this resource. It actually means ‘Unauthenticated’.

When and Why to Use It

Use this when the user tries to access a private endpoint, but they haven’t logged in, or their session token is expired.

Usage Examples

Shokupan (Functional)

import { HttpException, get } from 'shokupan';

export const getProfile = get('/profile', (req) => {
    const token = req.headers.authorization;
    if (!token) {
        throw new HttpException('Missing auth token', 401);
    }

    // ... fetch profile safely
});

Shokupan (Controller)

import { Controller, Get, Req, HttpException } from 'shokupan';

@Controller('/api')
export class ProfileController {
    @Get('/profile')
    getProfile(@Req() req: any) {
        if (!req.headers.authorization) {
            throw new HttpException('Missing auth token', 401);
        }

        // ... fetch profile safely
    }
}

Express

import express from 'express';
const app = express();

app.get('/profile', (req, res) => {
    if (!req.headers.authorization) {
        return res.status(401).json({ error: 'Missing auth token' });
    }

    // ... fetch profile safely
});

Nest

import { Controller, Get, UnauthorizedException, Headers } from '@nestjs/common';

@Controller('profile')
export class ProfileController {
  @Get()
  getProfile(@Headers('authorization') authHeader: string) {
    if (!authHeader) {
      throw new UnauthorizedException('Missing auth token');
    }

    // ... fetch profile safely
  }
}

Koa

import Koa from 'koa';
const app = new Koa();

app.use(async ctx => {
  if (ctx.path === '/profile' && ctx.method === 'GET') {
    if (!ctx.headers.authorization) {
      ctx.status = 401;
      ctx.body = { error: 'Missing auth token' };
      return;
    }

    // ... fetch profile safely
  }
});