当ServiceStack验证失败，没有自动跳转？ [英] When ServiceStack authentication fails, do not redirect?

问题描述

我们正在建立一个ServiceStack的API，将使用基本身份验证。目前我已经设置了身份验证在我APPHOST如下：

We're building a ServiceStack API which will use Basic authentication. I've currently set up the auth in my AppHost as follows:

var authDb = new OrmLiteConnectionFactory("Server=(...);", true, MySqlDialectProvider.Instance);

var authRepo = new OrmLiteAuthRepository(authDb);
authRepo.CreateMissingTables();
container.Register<ICacheClient>(c => new MemoryCacheClient());
container.Register<IUserAuthRepository>(c => authRepo);

Plugins.Add(
    new AuthFeature(() => new AuthUserSession(), new IAuthProvider[] { new BasicAuthProvider() })
);

在做，没有授权头或错误的用户名+请求传递响应重定向到/Account/Login.aspx?ReturnUrl = ...

When doing a request with no Authorization header or the wrong username+pass the response is a redirect to /Account/Login.aspx?ReturnUrl=...

Parital请求+响应例如：

Parital request + response example:

POST http://localhost:60278/reserve HTTP/1.1

HTTP/1.1 302 Found
Location: /Account/Login.aspx?ReturnUrl=%2freserve
X-Powered-By: ServiceStack/3,924 Win32NT/.NET

有没有一种方法，使之只用HTTP 401未授权或HTTP响应403禁止访问？

Is there a way to make it respond with only a HTTP 401 Unauthorized or a HTTP 403 Forbidden ?

推荐答案

在默认情况下ServiceStack的AuthFeature将只尝试重定向到默认的〜/登录路径<强> HTML 内容类型的请求。您可以通过在AuthFeature设置为null重定向路径重写这样的：

By default ServiceStack's AuthFeature will only try to redirect you to the default ~/login path for HTML Content-Type requests. You can override this by setting the redirect path in the AuthFeature to null:

Plugins.Add(new AuthFeature(...) { HtmlRedirect = null });

这将回落到标准 401未经授权响应，其他内容类型得到。

This will fall back to the standard 401 UnAuthorized Response that the other Content-Types get.

在全球范围内设置HtmlRedirect为null，则可以将其添加回即席基础上，如：

After globally setting the HtmlRedirect to null, you can add it back on an adhoc basis, e.g:

[Authenticate(HtmlRedirect="~/path/to/redirect/to")]

这篇关于当ServiceStack验证失败，没有自动跳转？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！