Alter FreePBX core to send appropriate unauthorized status code

I’ve written a very basic Angular GUI for remote management of FreePBX. Initially, it posts a login request to /admin/config.php with my admin credentials. I have other functions set up to logout (/admin/config.php?logout) and add extensions.

So far, everything is working and it’s secure. My problem is I have no reliable method to determine if my login attempt has succeeded or failed. The server responds with a 200 OK regardless. In which file is the login processed? Can I alter the response for a failed login attempt to be something more appropriate (401 unauthorized)? Can the same be done if an extension, trunk, route, etc fails to save?

I think I may have this issue sorted. In /admin/libraries/gui_auth.php, I’ve added:

header('HTTP/1.0 401 Unauthorized');

under every instance of:

$no_auth = true;

This seems to be working the way I need it to so far.