allow attaching of custom data

lib/AuthHandler.ts

@@ -37,6 +37,8 @@ class AuthRequest {
   public is_basic: boolean;
   public user: string;
   public password: string;
+  public token_data?: Record<string, unknown>;
+  public token_id?: string;
   public body: string;
 
   private _cookie_name?: string;
@@ -202,6 +204,9 @@ export default function create_auth_handler (
       return Promise.resolve ();
     }
 
+    request.token_data = token_data.data;
+    request.token_id = token_data.id;
+
     if (
       typeof options !== 'undefined'
       && typeof options.refresh !== 'undefined'

lib/Authority.ts

@@ -20,8 +20,10 @@ interface VerificationResult {
   authorized: boolean;
   valid: boolean;
   type: TokenType;
+  id: string;
   next_module?: string;
   data?: Record<string, unknown>;
+  error?: string;
 }
 
 interface SignatureResult {
@@ -40,7 +42,8 @@ class Authority {
     const result: VerificationResult = {
       authorized: false,
       valid:      false,
-      type:       'none'
+      type:       'none',
+      id:         ''
     };
     const data = verify_signature_get_info (
       key,
@@ -55,13 +58,18 @@ class Authority {
       (info) => info.valid_for * 1000
     );
 
-    if (data === null)
+    if (data === null) {
+      result.error = 'invalid signature';
       return result;
+    }
 
+    result.id = data.id;
     result.type = data.type;
 
-    if (!blacklist.is_valid (data.id))
+    if (!blacklist.is_valid (data.id)) {
+      result.error = 'blacklisted';
       return result;
+    }
 
     result.valid = true;
     result.authorized = result.type === 'access_token';

lib/Gateway.ts

@@ -65,7 +65,14 @@ class GatewayClass {
     if (auth === null)
       return false;
 
-    return authority.verify (auth).authorized;
+    const ver = authority.verify (auth);
+
+    const con = req.connection as Record<string, unknown>;
+    con.auth = {};
+    con.auth.token_id = ver.id;
+    con.auth.token_data = ver.data;
+
+    return ver.authorized;
   }
 
   public process_request (