Antediluvian
Reputation: 733
.net core web api jwt
I have a web api project where:
- some controller actions need a JWT authentication,
- some do not need a JWT authentication,
- some return different data depending on the validity of the JWT provided where the data only differs in one field's value.
The 1st one is easy as the JWT authentication middleware will handle it but how can I achieve the other 2?
Upvotes: 0
Views: 75
Answers (1)
Robert Perry
Reputation: 1954
2). Add the [AllowAnonymous] attribute to the endpoint or the controller to turn off authentication for that endpoint/controller.
3). You will need to do a check on the Users Claims (provided you have added the different permissions into there - and the apply logic to your return values depending on those values. If you return an IHttpActionResult like so, you can dynamically change the return values depending on your logic.
public IHttpActionResult GetProduct(int id)
{
var product = products.FirstOrDefault((p) => p.Id == id);
if (product == null)
{
return NotFound();
}
return Ok(product);
}
Upvotes: 1
Related Questions
- Use .NET Core Identity with an API
- Simple JWT authentication in ASP.NET Core 1.0 Web API
- Authorization on .NET Core 2.1 Web API built on .NET Framework problem
- Dotnet Core 3 MVC authentication to Core API
- .NET Core Web API Authentication and .NET Identity
- Claims Identity .NET CORE 3.0 API JWT
- .net Core 3 Web API JWT unauthorized
- JWT-based Authorization for API in .NET Core 2: No Unauthorized Error
- JWT on .NET Core 2.0
- How to use JWT for asp.net Core