- return new Response(401, "Not authorized", "application/json", JsonUtils.format(new JsonObject().put("success", false).put("error", "auth-required")));
+ return new Response(403, "Forbidden", "application/json", JsonUtils.format(new JsonObject().put("success", false).put("error", "auth-required")));
+ }
+ }
+ if (requiresLogin()) {
+ if (getCurrentSone(request.getToadletContext(), false) == null) {
+ return new Response(403, "Forbidden", "application/json", JsonUtils.format(createErrorJsonObject("auth-required")));