Gekctek
commented
7 years ago As far as I remember from this project (its been a little bit since I have worked on it) the basic auth middleware only marks if a request is/isnt valid for basic auth. I does not actually stop the process and prompt for the username/password but rather marks the current request with information and MVC or any other middleware can check to see if it requires you to be authorized/authenticated. That is what the [Authorize] attribute is for, without it the controller should work just fine. There are a couple options that may affect behavior such as AutomaticChallenge, but I don't exactly remember how that works off the top of my head.
If you need help you may need to show me some of the code you are working with.
Also if you need to override the [Authorize] there is the [AllowAnonymous] attribute, but that does not seem to be your issue.
Is there a way to use this package on individual controllers? Currently, all pages are prompting for username and password.