We're a place where coders share, stay up-to-date and grow their careers.
First of all let me say this is an excellent post.
I have one question though.
I have implemented this with an WEB API project. If the user is not authorized (e.g. token expired) a 404 Not found is returned.
How can you return an unauthorized status instead of "404 Not found"
With cookies I had implemented it as such
services.AddIdentity<ApplicationUser, IdentityRole>(identityOptions => { identityOptions.Cookies.ApplicationCookie.Events = new CookieAuthenticationEvents { OnRedirectToLogin = context => { if (context.Request.Path.StartsWithSegments("/api") && context.Response.StatusCode == (int)HttpStatusCode.OK) context.Response.StatusCode = (int)HttpStatusCode.Unauthorized; else context.Response.Redirect(context.RedirectUri); return Task.CompletedTask; } }; }) .AddEntityFrameworkStores<ApplicationDbContext>() .AddDefaultTokenProviders();
Thanks Shaheem
Are you sure you want to hide this comment? It will become hidden in your post, but will still be visible via the comment's permalink.
Hide child comments as well
Confirm
For further actions, you may consider blocking this person and/or reporting abuse
First of all let me say this is an excellent post.
I have one question though.
I have implemented this with an WEB API project. If the user is not authorized (e.g. token expired) a 404 Not found is returned.
How can you return an unauthorized status instead of "404 Not found"
With cookies I had implemented it as such
Thanks
Shaheem