Open TheCarlR opened 4 years ago
Probably something like this would work.
services.AddAuthentication(o =>
{
o.DefaultScheme = CookieAuthenticationDefaults.AuthenticationScheme;
})
.AddCookie(c =>
{
c.Events.OnRedirectToAccessDenied = (context) => { context.Response.StatusCode = 403; return Task.CompletedTask; };
c.Events.OnRedirectToLogin = (context) => { context.Response.StatusCode = 401; return Task.CompletedTask; };
});
Then again, I think it needs something more to be able to use the token received when finally being logged in. Maybe it should have been Jwt, because that would have given 401 by default? I'm very confused by the sample.
Me too, same issue and confusion. How to get the Authorize attribute working after a successful login with a social provider?
Description
I'm trying to make sense of the WebAuthenticator documentation and sample. Especially in the server code. When using this implementation, it must be assumed that I in another Controller can use the [Authorize] attribute to require authentication. But when I do that what happens is that it tries to redirect to /Account/Login which in turn doesn't exist, giving a 404.
Steps to Reproduce
Expected Behavior
401 I guess. But please guide me if I'm wrong.
Actual Behavior
Redirect to Login?ReturnUrl=%&2Fapi%2Fsample
Screenshots
https://i.stack.imgur.com/rYnwT.png