From 2491dfd7be989ae797ad8f1d243cc8099336e5dc Mon Sep 17 00:00:00 2001
From: Paul Nelson <paul.nelson@uptake.com>
Date: Sat, 20 Jan 2018 13:35:54 -0600
Subject: [PATCH] Add example and documentation around triggering login modal
 #234

---
 docs/securing-unleash.md    | 10 ++++++++++
 examples/basic-auth-hook.js |  5 ++++-
 2 files changed, 14 insertions(+), 1 deletion(-)

diff --git a/docs/securing-unleash.md b/docs/securing-unleash.md
index 67a4214313..43a1dc3652 100644
--- a/docs/securing-unleash.md
+++ b/docs/securing-unleash.md
@@ -22,6 +22,16 @@ unleash.start({
 });
 ```
 
+Additionally, you can trigger the admin interfact to prompt the user to sign in by configuring your middleware to return a `401` status on
+protected routes. The response body must contain a `message` and a `path` used to redirect the user to the proper login route.
+
+```json
+{
+    "message": "You must be logged in to use Unlseash",
+    "path": "/custom/login"
+}
+```
+
 Examples on custom authentication hooks:
 - [google-auth-hook.js](https://github.com/Unleash/unleash/blob/master/examples/google-auth-hook.js)
 - [basic-auth-hook.js](https://github.com/Unleash/unleash/blob/master/examples/basic-auth-hook.js)
diff --git a/examples/basic-auth-hook.js b/examples/basic-auth-hook.js
index 7d09b27278..ea0c88a765 100644
--- a/examples/basic-auth-hook.js
+++ b/examples/basic-auth-hook.js
@@ -16,7 +16,10 @@ function basicAuthentication(app) {
             return res
                 .status('401')
                 .set({ 'WWW-Authenticate': 'Basic realm="example"' })
-                .end('access denied');
+                .send({
+                    message: 'You must be authenticated to use Unleash',
+                    path: '/custom/login',
+                });
         }
     });