0

As per this question, there's a way to change redirect URL for ServiceStack auth services.

However, when inheriting my controllers from ServiceStackController<AuthUserService> this obviously doesn't work because ServiceStackController hardcodes the redirect URL and changing this in AuthFeature registration has no effect on it.

My questions are:

1) what is the correct way to go around this problem?

There is an option to override LoginRedirectUrl, is this it? What's the point of the Authenticate attribute's HtmlRedirect property or the AuthFeature's one?

2) And what is the purpose of ServiceStackController altogether?

3) I have put [Authenticate] on my base controller and the [Authenticate] attribute seems to ignore the [AllowAnonymous] attribute that I put on the Login actions of the account controller.

I know those two are completely separate and [AllowAnonymous] coming from System.Web but is there an "allow" attribute in ServiceStack?

Community
  • 1
  • 1
mare
  • 13,033
  • 24
  • 102
  • 191

2 Answers2

2

I am assuming you are using ServcieStack alongside an ASP.NET MVC application...

1) what is the correct way to go around this problem?

In my MVC Controller that inherits from ServiceStackController I added this for handling redirects. 

public override ActionResult AuthenticationErrorResult
{
    get
    {
        if (this.AuthSession == null || this.AuthSession.IsAuthenticated == false)
        {
            return Redirect("~/Home/Login");
        }
        return base.AuthenticationErrorResult;
    }
}

What's the point of the Authenticate attribute's HtmlRedirect property or the AuthFeature's one
I'm pretty sure the HtmlRedirect works as expected when not making requests to MVC controllers (ie. calling /api/foo, assuming ServiceStack's custompath is '/api'). I think there are some issues with MVC 'hijacking the return'.

2) And what is the purpose of ServiceStackController altogether?
My understanding is that it's main purpose is to share Session data between ServiceStack and MVC

but is there an "allow" attribute in ServiceStack?
Not that I am aware of but since Authenticate is just a filter you could probably create a subclass of it and add some type of support for 'allow'.

paaschpa
  • 4,816
  • 11
  • 15
0

Not sure if it's new, but looked at the code and it is actually just optional third parameter of AuthFeature constructor, so you can just:

//htmlRedirect is optional 3rd param of AuthFeature constructor, here passing "~/signin"
Plugins.Add(new AuthFeature(() => new AuthUserSession(),
    new IAuthProvider[] { new CredentialsAuthProvider(), },
    "~/signin"));
Darren
  • 9,014
  • 2
  • 39
  • 50