We're a place where coders share, stay up-to-date and grow their careers.
First of all let me say this is an excellent post.
I have one question though.
I have implemented this with an WEB API project. If the user is not authorized (e.g. token expired) a 404 Not found is returned.
How can you return an unauthorized status instead of "404 Not found"
With cookies I had implemented it as such
services.AddIdentity<ApplicationUser, IdentityRole>(identityOptions => { identityOptions.Cookies.ApplicationCookie.Events = new CookieAuthenticationEvents { OnRedirectToLogin = context => { if (context.Request.Path.StartsWithSegments("/api") && context.Response.StatusCode == (int)HttpStatusCode.OK) context.Response.StatusCode = (int)HttpStatusCode.Unauthorized; else context.Response.Redirect(context.RedirectUri); return Task.CompletedTask; } }; }) .AddEntityFrameworkStores<ApplicationDbContext>() .AddDefaultTokenProviders();
Thanks Shaheem
First of all let me say this is an excellent post.
I have one question though.
I have implemented this with an WEB API project. If the user is not authorized (e.g. token expired) a 404 Not found is returned.
How can you return an unauthorized status instead of "404 Not found"
With cookies I had implemented it as such
Thanks
Shaheem