check after hook errors

CHANGELOG.md

@@ -19,6 +19,9 @@
   }
   ```
 
+- (@todo docs) Changed the After* hooks to be called right before writing the user response, allowing users to return response errors from the after hooks.
+
+
 ## v0.16.4-WIP
 
 - Fixed the selfupdate command not working on Windows due to missing `.exe` in the extracted binary path ([#2589](https://github.com/pocketbase/pocketbase/discussions/2589)).

apis/admin.go

@@ -33,12 +33,18 @@ type adminApi struct {
 	app core.App
 }
 
-func (api *adminApi) authResponse(c echo.Context, admin *models.Admin) error {
+func (api *adminApi) authResponse(c echo.Context, admin *models.Admin, finalizers ...func(token string) error) error {
 	token, tokenErr := tokens.NewAdminAuthToken(api.app, admin)
 	if tokenErr != nil {
 		return NewBadRequestError("Failed to create auth token.", tokenErr)
 	}
 
+	for _, f := range finalizers {
+		if err := f(token); err != nil {
+			return err
+		}
+	}
+
 	event := new(core.AdminAuthEvent)
 	event.HttpContext = c
 	event.Admin = admin
@@ -62,17 +68,13 @@ func (api *adminApi) authRefresh(c echo.Context) error {
 	event.HttpContext = c
 	event.Admin = admin
 
-	handlerErr := api.app.OnAdminBeforeAuthRefreshRequest().Trigger(event, func(e *core.AdminAuthRefreshEvent) error {
+	return api.app.OnAdminBeforeAuthRefreshRequest().Trigger(event, func(e *core.AdminAuthRefreshEvent) error {
+		if err := api.app.OnAdminAfterAuthRefreshRequest().Trigger(event); err != nil {
+			return err
+		}
+
 		return api.authResponse(e.HttpContext, e.Admin)
 	})
-
-	if handlerErr == nil {
-		if err := api.app.OnAdminAfterAuthRefreshRequest().Trigger(event); err != nil && api.app.IsDebug() {
-			log.Println(err)
-		}
-	}
-
-	return handlerErr
 }
 
 func (api *adminApi) authWithPassword(c echo.Context) error {
@@ -95,17 +97,15 @@ func (api *adminApi) authWithPassword(c echo.Context) error {
 					return NewBadRequestError("Failed to authenticate.", err)
 				}
 
+				if err := api.app.OnAdminAfterAuthWithPasswordRequest().Trigger(event); err != nil {
+					return err
+				}
+
 				return api.authResponse(e.HttpContext, e.Admin)
 			})
 		}
 	})
 
-	if submitErr == nil {
-		if err := api.app.OnAdminAfterAuthWithPasswordRequest().Trigger(event); err != nil && api.app.IsDebug() {
-			log.Println(err)
-		}
-	}
-
 	return submitErr
 }
 
@@ -130,29 +130,27 @@ func (api *adminApi) requestPasswordReset(c echo.Context) error {
 				// run in background because we don't need to show the result to the client
 				routine.FireAndForget(func() {
 					if err := next(e.Admin); err != nil && api.app.IsDebug() {
+						// @todo replace after logs generalization
 						log.Println(err)
 					}
 				})
 
+				if err := api.app.OnAdminAfterRequestPasswordResetRequest().Trigger(event); err != nil {
+					return err
+				}
+
 				return e.HttpContext.NoContent(http.StatusNoContent)
 			})
 		}
 	})
 
-	if submitErr == nil {
+	// eagerly write 204 response and skip submit errors
-		if err := api.app.OnAdminAfterRequestPasswordResetRequest().Trigger(event); err != nil && api.app.IsDebug() {
+	// as a measure against admins enumeration
-			log.Println(err)
-		}
-	} else if api.app.IsDebug() {
-		log.Println(submitErr)
-	}
-
-	// don't return the response error to prevent emails enumeration
 	if !c.Response().Committed {
 		c.NoContent(http.StatusNoContent)
 	}
 
-	return nil
+	return submitErr
 }
 
 func (api *adminApi) confirmPasswordReset(c echo.Context) error {
@@ -173,17 +171,15 @@ func (api *adminApi) confirmPasswordReset(c echo.Context) error {
 					return NewBadRequestError("Failed to set new password.", err)
 				}
 
+				if err := api.app.OnAdminAfterConfirmPasswordResetRequest().Trigger(event); err != nil {
+					return err
+				}
+
 				return e.HttpContext.NoContent(http.StatusNoContent)
 			})
 		}
 	})
 
-	if submitErr == nil {
-		if err := api.app.OnAdminAfterConfirmPasswordResetRequest().Trigger(event); err != nil && api.app.IsDebug() {
-			log.Println(err)
-		}
-	}
-
 	return submitErr
 }
 
@@ -256,17 +252,15 @@ func (api *adminApi) create(c echo.Context) error {
 					return NewBadRequestError("Failed to create admin.", err)
 				}
 
+				if err := api.app.OnAdminAfterCreateRequest().Trigger(event); err != nil {
+					return err
+				}
+
 				return e.HttpContext.JSON(http.StatusOK, e.Admin)
 			})
 		}
 	})
 
-	if submitErr == nil {
-		if err := api.app.OnAdminAfterCreateRequest().Trigger(event); err != nil && api.app.IsDebug() {
-			log.Println(err)
-		}
-	}
-
 	return submitErr
 }
 
@@ -302,17 +296,15 @@ func (api *adminApi) update(c echo.Context) error {
 					return NewBadRequestError("Failed to update admin.", err)
 				}
 
+				if err := api.app.OnAdminAfterUpdateRequest().Trigger(event); err != nil {
+					return err
+				}
+
 				return e.HttpContext.JSON(http.StatusOK, e.Admin)
 			})
 		}
 	})
 
-	if submitErr == nil {
-		if err := api.app.OnAdminAfterUpdateRequest().Trigger(event); err != nil && api.app.IsDebug() {
-			log.Println(err)
-		}
-	}
-
 	return submitErr
 }
 
@@ -331,19 +323,15 @@ func (api *adminApi) delete(c echo.Context) error {
 	event.HttpContext = c
 	event.Admin = admin
 
-	handlerErr := api.app.OnAdminBeforeDeleteRequest().Trigger(event, func(e *core.AdminDeleteEvent) error {
+	return api.app.OnAdminBeforeDeleteRequest().Trigger(event, func(e *core.AdminDeleteEvent) error {
 		if err := api.app.Dao().DeleteAdmin(e.Admin); err != nil {
 			return NewBadRequestError("Failed to delete admin.", err)
 		}
 
+		if err := api.app.OnAdminAfterDeleteRequest().Trigger(event); err != nil {
+			return err
+		}
+
 		return e.HttpContext.NoContent(http.StatusNoContent)
 	})
-
-	if handlerErr == nil {
-		if err := api.app.OnAdminAfterDeleteRequest().Trigger(event); err != nil && api.app.IsDebug() {
-			log.Println(err)
-		}
-	}
-
-	return handlerErr
 }

apis/collection.go

@@ -1,7 +1,6 @@
 package apis
 
 import (
-	"log"
 	"net/http"
 
 	"github.com/labstack/echo/v5"
@@ -83,7 +82,7 @@ func (api *collectionApi) create(c echo.Context) error {
 	event.Collection = collection
 
 	// create the collection
-	submitErr := form.Submit(func(next forms.InterceptorNextFunc[*models.Collection]) forms.InterceptorNextFunc[*models.Collection] {
+	return form.Submit(func(next forms.InterceptorNextFunc[*models.Collection]) forms.InterceptorNextFunc[*models.Collection] {
 		return func(m *models.Collection) error {
 			event.Collection = m
 
@@ -92,18 +91,14 @@ func (api *collectionApi) create(c echo.Context) error {
 					return NewBadRequestError("Failed to create the collection.", err)
 				}
 
+				if err := api.app.OnCollectionAfterCreateRequest().Trigger(event); err != nil {
+					return err
+				}
+
 				return e.HttpContext.JSON(http.StatusOK, e.Collection)
 			})
 		}
 	})
-
-	if submitErr == nil {
-		if err := api.app.OnCollectionAfterCreateRequest().Trigger(event); err != nil && api.app.IsDebug() {
-			log.Println(err)
-		}
-	}
-
-	return submitErr
 }
 
 func (api *collectionApi) update(c echo.Context) error {
@@ -124,7 +119,7 @@ func (api *collectionApi) update(c echo.Context) error {
 	event.Collection = collection
 
 	// update the collection
-	submitErr := form.Submit(func(next forms.InterceptorNextFunc[*models.Collection]) forms.InterceptorNextFunc[*models.Collection] {
+	return form.Submit(func(next forms.InterceptorNextFunc[*models.Collection]) forms.InterceptorNextFunc[*models.Collection] {
 		return func(m *models.Collection) error {
 			event.Collection = m
 
@@ -133,18 +128,14 @@ func (api *collectionApi) update(c echo.Context) error {
 					return NewBadRequestError("Failed to update the collection.", err)
 				}
 
+				if err := api.app.OnCollectionAfterUpdateRequest().Trigger(event); err != nil {
+					return err
+				}
+
 				return e.HttpContext.JSON(http.StatusOK, e.Collection)
 			})
 		}
 	})
-
-	if submitErr == nil {
-		if err := api.app.OnCollectionAfterUpdateRequest().Trigger(event); err != nil && api.app.IsDebug() {
-			log.Println(err)
-		}
-	}
-
-	return submitErr
 }
 
 func (api *collectionApi) delete(c echo.Context) error {
@@ -157,21 +148,17 @@ func (api *collectionApi) delete(c echo.Context) error {
 	event.HttpContext = c
 	event.Collection = collection
 
-	handlerErr := api.app.OnCollectionBeforeDeleteRequest().Trigger(event, func(e *core.CollectionDeleteEvent) error {
+	return api.app.OnCollectionBeforeDeleteRequest().Trigger(event, func(e *core.CollectionDeleteEvent) error {
 		if err := api.app.Dao().DeleteCollection(e.Collection); err != nil {
 			return NewBadRequestError("Failed to delete collection due to existing dependency.", err)
 		}
 
+		if err := api.app.OnCollectionAfterDeleteRequest().Trigger(event); err != nil {
+			return err
+		}
+
 		return e.HttpContext.NoContent(http.StatusNoContent)
 	})
-
-	if handlerErr == nil {
-		if err := api.app.OnCollectionAfterDeleteRequest().Trigger(event); err != nil && api.app.IsDebug() {
-			log.Println(err)
-		}
-	}
-
-	return handlerErr
 }
 
 func (api *collectionApi) bulkImport(c echo.Context) error {
@@ -187,7 +174,7 @@ func (api *collectionApi) bulkImport(c echo.Context) error {
 	event.Collections = form.Collections
 
 	// import collections
-	submitErr := form.Submit(func(next forms.InterceptorNextFunc[[]*models.Collection]) forms.InterceptorNextFunc[[]*models.Collection] {
+	return form.Submit(func(next forms.InterceptorNextFunc[[]*models.Collection]) forms.InterceptorNextFunc[[]*models.Collection] {
 		return func(imports []*models.Collection) error {
 			event.Collections = imports
 
@@ -196,16 +183,12 @@ func (api *collectionApi) bulkImport(c echo.Context) error {
 					return NewBadRequestError("Failed to import the submitted collections.", err)
 				}
 
+				if err := api.app.OnCollectionsAfterImportRequest().Trigger(event); err != nil {
+					return err
+				}
+
 				return e.HttpContext.NoContent(http.StatusNoContent)
 			})
 		}
 	})
-
-	if submitErr == nil {
-		if err := api.app.OnCollectionsAfterImportRequest().Trigger(event); err != nil && api.app.IsDebug() {
-			log.Println(err)
-		}
-	}
-
-	return submitErr
 }

apis/file.go

@@ -3,7 +3,6 @@ package apis
 import (
 	"errors"
 	"fmt"
-	"log"
 	"net/http"
 	"strings"
 
@@ -49,23 +48,19 @@ func (api *fileApi) fileToken(c echo.Context) error {
 		event.Token, _ = tokens.NewRecordFileToken(api.app, record)
 	}
 
-	handlerErr := api.app.OnFileBeforeTokenRequest().Trigger(event, func(e *core.FileTokenEvent) error {
+	return api.app.OnFileBeforeTokenRequest().Trigger(event, func(e *core.FileTokenEvent) error {
 		if e.Model == nil || e.Token == "" {
 			return NewBadRequestError("Failed to generate file token.", nil)
 		}
 
+		if err := api.app.OnFileAfterTokenRequest().Trigger(event); err != nil {
+			return err
+		}
+
 		return e.HttpContext.JSON(http.StatusOK, map[string]string{
 			"token": e.Token,
 		})
 	})
-
-	if handlerErr == nil {
-		if err := api.app.OnFileAfterTokenRequest().Trigger(event); err != nil && api.app.IsDebug() {
-			log.Println(err)
-		}
-	}
-
-	return handlerErr
 }
 
 func (api *fileApi) download(c echo.Context) error {

apis/realtime.go

@@ -191,7 +191,7 @@ func (api *realtimeApi) setSubscriptions(c echo.Context) error {
 		Subscriptions: form.Subscriptions,
 	}
 
-	handlerErr := api.app.OnRealtimeBeforeSubscribeRequest().Trigger(event, func(e *core.RealtimeSubscribeEvent) error {
+	return api.app.OnRealtimeBeforeSubscribeRequest().Trigger(event, func(e *core.RealtimeSubscribeEvent) error {
 		// update auth state
 		e.Client.Set(ContextAdminKey, e.HttpContext.Get(ContextAdminKey))
 		e.Client.Set(ContextAuthRecordKey, e.HttpContext.Get(ContextAuthRecordKey))
@@ -202,14 +202,12 @@ func (api *realtimeApi) setSubscriptions(c echo.Context) error {
 		// subscribe to the new subscriptions
 		e.Client.Subscribe(e.Subscriptions...)
 
+		if err := api.app.OnRealtimeAfterSubscribeRequest().Trigger(event); err != nil {
+			return err
+		}
+
 		return e.HttpContext.NoContent(http.StatusNoContent)
 	})
-
-	if handlerErr == nil {
-		api.app.OnRealtimeAfterSubscribeRequest().Trigger(event)
-	}
-
-	return handlerErr
 }
 
 // updateClientsAuthModel updates the existing clients auth model with the new one (matched by ID).

apis/record_auth.go

@@ -65,17 +65,11 @@ func (api *recordAuthApi) authRefresh(c echo.Context) error {
 	event.Collection = record.Collection()
 	event.Record = record
 
-	handlerErr := api.app.OnRecordBeforeAuthRefreshRequest().Trigger(event, func(e *core.RecordAuthRefreshEvent) error {
+	return api.app.OnRecordBeforeAuthRefreshRequest().Trigger(event, func(e *core.RecordAuthRefreshEvent) error {
-		return RecordAuthResponse(api.app, e.HttpContext, e.Record, nil)
+		return RecordAuthResponse(api.app, e.HttpContext, e.Record, nil, func(t string) error {
+			return api.app.OnRecordAfterAuthRefreshRequest().Trigger(event)
+		})
 	})
-
-	if handlerErr == nil {
-		if err := api.app.OnRecordAfterAuthRefreshRequest().Trigger(event); err != nil && api.app.IsDebug() {
-			log.Println(err)
-		}
-	}
-
-	return handlerErr
 }
 
 type providerInfo struct {
@@ -256,17 +250,13 @@ func (api *recordAuthApi) authWithOAuth2(c echo.Context) error {
 					IsNew:    event.IsNewRecord,
 				}
 
-				return RecordAuthResponse(api.app, e.HttpContext, e.Record, meta)
+				return RecordAuthResponse(api.app, e.HttpContext, e.Record, meta, func(t string) error {
+					return api.app.OnRecordAfterAuthWithOAuth2Request().Trigger(event)
+				})
 			})
 		}
 	})
 
-	if submitErr == nil {
-		if err := api.app.OnRecordAfterAuthWithOAuth2Request().Trigger(event); err != nil && api.app.IsDebug() {
-			log.Println(err)
-		}
-	}
-
 	return submitErr
 }
 
@@ -296,17 +286,13 @@ func (api *recordAuthApi) authWithPassword(c echo.Context) error {
 					return NewBadRequestError("Failed to authenticate.", err)
 				}
 
-				return RecordAuthResponse(api.app, e.HttpContext, e.Record, nil)
+				return RecordAuthResponse(api.app, e.HttpContext, e.Record, nil, func(t string) error {
+					return api.app.OnRecordAfterAuthWithPasswordRequest().Trigger(event)
+				})
 			})
 		}
 	})
 
-	if submitErr == nil {
-		if err := api.app.OnRecordAfterAuthWithPasswordRequest().Trigger(event); err != nil && api.app.IsDebug() {
-			log.Println(err)
-		}
-	}
-
 	return submitErr
 }
 
@@ -346,25 +332,22 @@ func (api *recordAuthApi) requestPasswordReset(c echo.Context) error {
 					}
 				})
 
+				if err := api.app.OnRecordAfterRequestPasswordResetRequest().Trigger(event); err != nil {
+					return err
+				}
+
 				return e.HttpContext.NoContent(http.StatusNoContent)
 			})
 		}
 	})
 
-	if submitErr == nil {
+	// eagerly write 204 response and skip submit errors
-		if err := api.app.OnRecordAfterRequestPasswordResetRequest().Trigger(event); err != nil && api.app.IsDebug() {
+	// as a measure against emails enumeration
-			log.Println(err)
-		}
-	} else if api.app.IsDebug() {
-		log.Println(submitErr)
-	}
-
-	// don't return the response error to prevent emails enumeration
 	if !c.Response().Committed {
 		c.NoContent(http.StatusNoContent)
 	}
 
-	return nil
+	return submitErr
 }
 
 func (api *recordAuthApi) confirmPasswordReset(c echo.Context) error {
@@ -391,17 +374,15 @@ func (api *recordAuthApi) confirmPasswordReset(c echo.Context) error {
 					return NewBadRequestError("Failed to set new password.", err)
 				}
 
+				if err := api.app.OnRecordAfterConfirmPasswordResetRequest().Trigger(event); err != nil {
+					return err
+				}
+
 				return e.HttpContext.NoContent(http.StatusNoContent)
 			})
 		}
 	})
 
-	if submitErr == nil {
-		if err := api.app.OnRecordAfterConfirmPasswordResetRequest().Trigger(event); err != nil && api.app.IsDebug() {
-			log.Println(err)
-		}
-	}
-
 	return submitErr
 }
 
@@ -436,25 +417,22 @@ func (api *recordAuthApi) requestVerification(c echo.Context) error {
 					}
 				})
 
+				if err := api.app.OnRecordAfterRequestVerificationRequest().Trigger(event); err != nil {
+					return err
+				}
+
 				return e.HttpContext.NoContent(http.StatusNoContent)
 			})
 		}
 	})
 
-	if submitErr == nil {
+	// eagerly write 204 response and skip submit errors
-		if err := api.app.OnRecordAfterRequestVerificationRequest().Trigger(event); err != nil && api.app.IsDebug() {
+	// as a measure against users enumeration
-			log.Println(err)
-		}
-	} else if api.app.IsDebug() {
-		log.Println(submitErr)
-	}
-
-	// don't return the response error to prevent emails enumeration
 	if !c.Response().Committed {
 		c.NoContent(http.StatusNoContent)
 	}
 
-	return nil
+	return submitErr
 }
 
 func (api *recordAuthApi) confirmVerification(c echo.Context) error {
@@ -481,17 +459,15 @@ func (api *recordAuthApi) confirmVerification(c echo.Context) error {
 					return NewBadRequestError("An error occurred while submitting the form.", err)
 				}
 
+				if err := api.app.OnRecordAfterConfirmVerificationRequest().Trigger(event); err != nil {
+					return err
+				}
+
 				return e.HttpContext.NoContent(http.StatusNoContent)
 			})
 		}
 	})
 
-	if submitErr == nil {
-		if err := api.app.OnRecordAfterConfirmVerificationRequest().Trigger(event); err != nil && api.app.IsDebug() {
-			log.Println(err)
-		}
-	}
-
 	return submitErr
 }
 
@@ -516,23 +492,21 @@ func (api *recordAuthApi) requestEmailChange(c echo.Context) error {
 	event.Collection = collection
 	event.Record = record
 
-	submitErr := form.Submit(func(next forms.InterceptorNextFunc[*models.Record]) forms.InterceptorNextFunc[*models.Record] {
+	return form.Submit(func(next forms.InterceptorNextFunc[*models.Record]) forms.InterceptorNextFunc[*models.Record] {
 		return func(record *models.Record) error {
 			return api.app.OnRecordBeforeRequestEmailChangeRequest().Trigger(event, func(e *core.RecordRequestEmailChangeEvent) error {
 				if err := next(e.Record); err != nil {
 					return NewBadRequestError("Failed to request email change.", err)
 				}
 
+				if err := api.app.OnRecordAfterRequestEmailChangeRequest().Trigger(event); err != nil {
+					return err
+				}
+
 				return e.HttpContext.NoContent(http.StatusNoContent)
 			})
 		}
 	})
-
-	if submitErr == nil {
-		api.app.OnRecordAfterRequestEmailChangeRequest().Trigger(event)
-	}
-
-	return submitErr
 }
 
 func (api *recordAuthApi) confirmEmailChange(c echo.Context) error {
@@ -559,17 +533,15 @@ func (api *recordAuthApi) confirmEmailChange(c echo.Context) error {
 					return NewBadRequestError("Failed to confirm email change.", err)
 				}
 
+				if err := api.app.OnRecordAfterConfirmEmailChangeRequest().Trigger(event); err != nil {
+					return err
+				}
+
 				return e.HttpContext.NoContent(http.StatusNoContent)
 			})
 		}
 	})
 
-	if submitErr == nil {
-		if err := api.app.OnRecordAfterConfirmEmailChangeRequest().Trigger(event); err != nil && api.app.IsDebug() {
-			log.Println(err)
-		}
-	}
-
 	return submitErr
 }
 
@@ -633,19 +605,17 @@ func (api *recordAuthApi) unlinkExternalAuth(c echo.Context) error {
 	event.Record = record
 	event.ExternalAuth = externalAuth
 
-	handlerErr := api.app.OnRecordBeforeUnlinkExternalAuthRequest().Trigger(event, func(e *core.RecordUnlinkExternalAuthEvent) error {
+	return api.app.OnRecordBeforeUnlinkExternalAuthRequest().Trigger(event, func(e *core.RecordUnlinkExternalAuthEvent) error {
 		if err := api.app.Dao().DeleteExternalAuth(externalAuth); err != nil {
 			return NewBadRequestError("Cannot unlink the external auth provider.", err)
 		}
 
+		if err := api.app.OnRecordAfterUnlinkExternalAuthRequest().Trigger(event); err != nil {
+			return err
+		}
+
 		return e.HttpContext.NoContent(http.StatusNoContent)
 	})
-
-	if handlerErr == nil {
-		api.app.OnRecordAfterUnlinkExternalAuthRequest().Trigger(event)
-	}
-
-	return handlerErr
 }
 
 // -------------------------------------------------------------------

apis/record_crud.go

@@ -220,7 +220,7 @@ func (api *recordApi) create(c echo.Context) error {
 	event.UploadedFiles = form.FilesToUpload()
 
 	// create the record
-	submitErr := form.Submit(func(next forms.InterceptorNextFunc[*models.Record]) forms.InterceptorNextFunc[*models.Record] {
+	return form.Submit(func(next forms.InterceptorNextFunc[*models.Record]) forms.InterceptorNextFunc[*models.Record] {
 		return func(m *models.Record) error {
 			event.Record = m
 
@@ -233,18 +233,14 @@ func (api *recordApi) create(c echo.Context) error {
 					log.Println(err)
 				}
 
+				if err := api.app.OnRecordAfterCreateRequest().Trigger(event); err != nil {
+					return err
+				}
+
 				return e.HttpContext.JSON(http.StatusOK, e.Record)
 			})
 		}
 	})
-
-	if submitErr == nil {
-		if err := api.app.OnRecordAfterCreateRequest().Trigger(event); err != nil && api.app.IsDebug() {
-			log.Println(err)
-		}
-	}
-
-	return submitErr
 }
 
 func (api *recordApi) update(c echo.Context) error {
@@ -309,7 +305,7 @@ func (api *recordApi) update(c echo.Context) error {
 	event.UploadedFiles = form.FilesToUpload()
 
 	// update the record
-	submitErr := form.Submit(func(next forms.InterceptorNextFunc[*models.Record]) forms.InterceptorNextFunc[*models.Record] {
+	return form.Submit(func(next forms.InterceptorNextFunc[*models.Record]) forms.InterceptorNextFunc[*models.Record] {
 		return func(m *models.Record) error {
 			event.Record = m
 
@@ -322,18 +318,14 @@ func (api *recordApi) update(c echo.Context) error {
 					log.Println(err)
 				}
 
+				if err := api.app.OnRecordAfterUpdateRequest().Trigger(event); err != nil {
+					return err
+				}
+
 				return e.HttpContext.JSON(http.StatusOK, e.Record)
 			})
 		}
 	})
-
-	if submitErr == nil {
-		if err := api.app.OnRecordAfterUpdateRequest().Trigger(event); err != nil && api.app.IsDebug() {
-			log.Println(err)
-		}
-	}
-
-	return submitErr
 }
 
 func (api *recordApi) delete(c echo.Context) error {
@@ -377,22 +369,18 @@ func (api *recordApi) delete(c echo.Context) error {
 	event.Collection = collection
 	event.Record = record
 
-	handlerErr := api.app.OnRecordBeforeDeleteRequest().Trigger(event, func(e *core.RecordDeleteEvent) error {
+	return api.app.OnRecordBeforeDeleteRequest().Trigger(event, func(e *core.RecordDeleteEvent) error {
 		// delete the record
 		if err := api.app.Dao().DeleteRecord(e.Record); err != nil {
 			return NewBadRequestError("Failed to delete record. Make sure that the record is not part of a required relation reference.", err)
 		}
 
+		if err := api.app.OnRecordAfterDeleteRequest().Trigger(event); err != nil {
+			return err
+		}
+
 		return e.HttpContext.NoContent(http.StatusNoContent)
 	})
-
-	if handlerErr == nil {
-		if err := api.app.OnRecordAfterDeleteRequest().Trigger(event); err != nil && api.app.IsDebug() {
-			log.Println(err)
-		}
-	}
-
-	return handlerErr
 }
 
 func (api *recordApi) checkForForbiddenQueryFields(c echo.Context) error {

apis/record_helpers.go

@@ -57,7 +57,13 @@ func RequestData(c echo.Context) *models.RequestData {
 	return result
 }
 
-func RecordAuthResponse(app core.App, c echo.Context, authRecord *models.Record, meta any) error {
+func RecordAuthResponse(
+	app core.App,
+	c echo.Context,
+	authRecord *models.Record,
+	meta any,
+	finalizers ...func(token string) error,
+) error {
 	token, tokenErr := tokens.NewRecordAuthToken(app, authRecord)
 	if tokenErr != nil {
 		return NewBadRequestError("Failed to create auth token.", tokenErr)
@@ -100,6 +106,12 @@ func RecordAuthResponse(app core.App, c echo.Context, authRecord *models.Record,
 			result["meta"] = e.Meta
 		}
 
+		for _, f := range finalizers {
+			if err := f(e.Token); err != nil {
+				return err
+			}
+		}
+
 		return e.HttpContext.JSON(http.StatusOK, result)
 	})
 }

apis/settings.go

@@ -1,7 +1,6 @@
 package apis
 
 import (
-	"log"
 	"net/http"
 
 	validation "github.com/go-ozzo/ozzo-validation/v4"
@@ -55,7 +54,7 @@ func (api *settingsApi) set(c echo.Context) error {
 	event.OldSettings = api.app.Settings()
 
 	// update the settings
-	submitErr := form.Submit(func(next forms.InterceptorNextFunc[*settings.Settings]) forms.InterceptorNextFunc[*settings.Settings] {
+	return form.Submit(func(next forms.InterceptorNextFunc[*settings.Settings]) forms.InterceptorNextFunc[*settings.Settings] {
 		return func(s *settings.Settings) error {
 			event.NewSettings = s
 
@@ -64,6 +63,10 @@ func (api *settingsApi) set(c echo.Context) error {
 					return NewBadRequestError("An error occurred while submitting the form.", err)
 				}
 
+				if err := api.app.OnSettingsAfterUpdateRequest().Trigger(event); err != nil {
+					return err
+				}
+
 				redactedSettings, err := api.app.Settings().RedactClone()
 				if err != nil {
 					return NewBadRequestError("", err)
@@ -73,14 +76,6 @@ func (api *settingsApi) set(c echo.Context) error {
 			})
 		}
 	})
-
-	if submitErr == nil {
-		if err := api.app.OnSettingsAfterUpdateRequest().Trigger(event); err != nil && api.app.IsDebug() {
-			log.Println(err)
-		}
-	}
-
-	return submitErr
 }
 
 func (api *settingsApi) testS3(c echo.Context) error {