问题
I have the same problem as this: https://forum.aspnetboilerplate.com/viewtopic.php?f=5&t=4865, but I have ABP v2.1 with module-zero-core-template.
I'm using Web.Mvc project as my startup project and I want to make API calls.
When I perform an unauthorized request to the API, I got a "200 OK" response instead of a "401". Where did I make a mistake?
回答1:
ASP.NET Core 1.x
ABP v2.x / module-zero-core-template v2.x
Modify IdentityRegistrar in .Core project:
// Before
services.AddAbpIdentity<Tenant, User, Role>()
// After
services.AddAbpIdentity<Tenant, User, Role>(options =>
{
options.Cookies.ApplicationCookie.AutomaticChallenge = false;
})
Reference: https://github.com/aspnet/Security/issues/804
ASP.NET Core 2.0
ABP v3.x / module-zero-core-template v3.0.0 – v3.4.0
Modify AuthConfigurer in .Web.Mvc / .Web.Host project:
// Before
services.AddAuthentication()
// After
services.AddAuthentication(options =>
{
options.DefaultAuthenticateScheme = "JwtBearer";
options.DefaultChallengeScheme = "JwtBearer";
})
Reference: 92b6270 in module-zero-core-template v3.5.0
回答2:
This authorization doc will give you each and every detail.
来源:https://stackoverflow.com/questions/45144589/abp-401-response-from-api-instead-of-redirect