发表新帖
发表新帖

How do I redirect after authentication in ServiceStack

后端 未结
关注
2 1900
心在旅途
心在旅途 2021-02-08 18:40

I\'ve overridden the CredentialsAuthProvider like so:

public override bool TryAuthenticate(IServiceBase authService, string userName, string password)
        {
相关标签:
2条回答
  • 暖寄归人
    2021-02-08 19:22

    mythz,

    Good call on making this OSS. :)

    You are correct regarding the order of precedence:

    1. The Continue QueryString, FormData or Request DTO variable when making the request to /auth
    2. The Session.ReferrerUrl Url The HTTP
    3. Referer HTTP Header
    4. The CallbackUrl in the AuthConfig of the current AuthProvider used

    So in my example, I didn't have the Continue QueryString, Form Data or Request DTO variable, and I didn't have the CallbackUrl, and certainly not the Session.ReferrerUrl because this is the first post of the Session.

    From AuthService.cs:

    var referrerUrl = request.Continue
    ?? session.ReferrerUrl
    ?? this.RequestContext.GetHeader("Referer")
    ?? oAuthConfig.CallbackUrl;

    By default referrerUrl will have the Referer header value from the request. And that is what is going to be assigned to the Location header further down the Post method of the AuthService.cs:

    if (!(response is IHttpResult))
                    {
                        return new HttpResult(response) {
                            Location = referrerUrl
                        };
                    }

    Once authenticated, and the session.ReferrerUrl is set here the response will be sent to the client with the Location property above set to the original referrer, not the value below:

    public override void OnAuthenticated(IServiceBase authService, IAuthSession session, IOAuthTokens tokens, Dictionary<string, string> authInfo)
        {
            session.ReferrerUrl = "http://www.msn.com";
        }

    It's only on the second POST of the same session will the client navigate to www.msn.com (in this example) because the session has already been populated. I think this:

    var referrerUrl = request.Continue
                ?? session.ReferrerUrl
                ?? this.RequestContext.GetHeader("Referer")
                ?? oAuthConfig.CallbackUrl;

    Needs to be determined after the call to auth.

    0 讨论(0)
  • 灰色年华
    2021-02-08 19:35

    The different places where you can set the Url to redirect to during ServiceStack Authentication, in order of precedence are:

    1. The Continue QueryString, FormData or Request DTO variable when making the request to /auth
    2. The Session.ReferrerUrl Url
    3. The HTTP Referer HTTP Header
    4. The CallbackUrl in the AuthConfig of the current AuthProvider used

    Given these order of preferences, if the request didn't have a Continue parameter, it should use the session.ReferrerUrl, so you could do:

    if (roleA) session.ReferrerUrl = "http://myPage1Url";
if (roleB) session.ReferrerUrl = "http://myPage2Url";
    0 讨论(0)
 看不清?
提交回复
热议问题