c# - Authorization in ASP.NET Core. Always 401 Unauthorized for [Authorize] attribute

Question

Welcome To Ask or Share your Answers For Others

c# - Authorization in ASP.NET Core. Always 401 Unauthorized for [Authorize] attribute

posted Oct 24, 2021 in Technique[技术] by 深蓝 (71.8m points)

c# - Authorization in ASP.NET Core. Always 401 Unauthorized for [Authorize] attribute

For the first time I'm creating Authorization in ASP.NET Core. I used tutorial from here TUTORIAL

The problem is when I sending request from postman:

Authorization:Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6I...

to my method in controller decorated with [Authorize] attribute.

I receive 401 Unauthorized always... I saw comments bellow that tutorial and it seems that some people have similar issue also. I've no idea how I can solve this problem.

See Question&Answers more detail:os

与恶龙缠斗过久,自身亦成为恶龙；凝视深渊过久,深渊将回以凝视…

1 Reply

深蓝 · Answer 1 · 2021-10-23T17:57:47+0000

At the request of others here is the answer:

The problem was with the middleware order in Startup.cs

public void Configure(IApplicationBuilder app, IHostingEnvironment env, ILoggerFactory loggerFactory)
{
    ConfigureAuth(app); // your authorisation configuration

    app.UseMvc();
}

Why middleware order is important? If we put app.UseMvc() first - then the MVC actions would get in the routing and if they see the Authorize attribute they will take control of its handling and that's why we receives 401 Unauthorized error.

I hope it helps someone ;)

Categories

c# - Authorization in ASP.NET Core. Always 401 Unauthorized for [Authorize] attribute

c# - Authorization in ASP.NET Core. Always 401 Unauthorized for [Authorize] attribute

Please log in or register to add a comment.

Please log in or register to reply this article.

1 Reply

Please log in or register to add a comment.

Just Browsing Browsing

Most popular tags