I want to check if the access token is in the blacklist, and then return Unauthorized.
public class CheckBannedTokenAttribute : Attribute, IAsyncAuthorizationFilter
{
public Task OnAuthorizationAsync(AuthorizationFilterContext context)
{
if (TokenInBlackList("232322323"))
{
//context.Result = new HttpStatusCodeResult(HttpStatusCode.Unauthorized);
}
}
}
You are right that you need to fill context.Result
. Cause you want to return 401 Unauthorized
as response, use built-in UnauthorizedResult
class:
if (TokenInBlackList("232322323"))
{
context.Result = new UnauthorizedResult();
return Task.CompletedTask;
}
In general, this is the same as new StatusCodeResult(401)
This will give you the classic "401 Unauthorized" that you expect.
async Task IAsyncAuthorizationFilter.OnAuthorizationAsync(AuthorizationFilterContext context)
{
ClaimsPrincipal user = context.HttpContext.User;
if (!user.Identity.IsAuthenticated)
{
context.Result = new ChallengeResult();
}
}
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With