.net api configuration for JWT tokens

Question

User-1619000197 posted

i'm trying to make an api with JWT token and it's working quite well, i write a custom authorize filter and in that filter i verify the token in authentication header but if e.g user enter a wrong URL i just want to get 404 error but api is returning 404 with html response like this

here is my WebApiConfig.cs i think i need to make some changes in it?

public static void Register(HttpConfiguration config)
    {
        // Web API configuration and services

        // i think i need to make some changes here.
        config.SuppressDefaultHostAuthentication();
        config.Filters.Add(new AuthorizeAttribute());

        config.MapHttpAttributeRoutes();

        config.Routes.MapHttpRoute(
            name: "DefaultApi",
            routeTemplate: "api/{controller}/{id}",
            defaults: new { id = RouteParameter.Optional }
        );
    }

 have achieved the same with .net core api but i don't know how to do it in .net framework i tried to search but didn't found anything

Answer 1

User475983607 posted

Maybe you forgot "api" in the URL?  The URL depends on the attribute route which we cannot see.

Also ASP.NET and core have builtin JWT libraries that are wired to the standard [Authorize] attribute.  There is no need to create a custom solution.

Answer 2

User1686398519 posted

Hi zbrkhakwani, 

1. If you create ASP.NET WebAPI, there are WebApiConfig.cs and RouteConfig.cs by default.
   1. RouteConfig.cs is only used to configure ASP.NET routing.
   2. WebApiConfig.cs is suitable for any Web API-related configuration, including Web API-specific routing, Web API services and other Web API settings.
   3. In order to distinguish between api and mvc routing, "api" is used in routing by default to avoid conflicts with ASP.NET MVC routing.
2. In other words, the path you requested will match the url: "{controller}/{action}/{id}" (in the RouteConfig.cs file). If the action is not found, the default 404 page will be returned. So you will get an html response.
3. But when you request a path like ":http:xxxx/api/xxx", the matching route will be searched in WebApiConfig.cs. If it can't be found, it will also return a response containing error information.
4. In other words, the problem you encounter should be how to customize the error message returned in MVC.
5. Here is a solution, you can refer to it.More details, you could refer to below code:

Global.asax

        protected void Application_Error(object sender, EventArgs e)
        {
            var ex = Server.GetLastError().GetBaseException();
            if (ex.GetType() == typeof(HttpException))
            {
                var httpException = (HttpException)ex;
                switch (httpException.GetHttpCode())
                {
                    case 404:
                        Response.Redirect("~/Error/NotFound?message=" + httpException.GetHttpCode() + ":" + httpException.Message);
                        break;
                    default:
                        Response.Redirect("~/Error/OtherError?message=" + httpException.GetHttpCode() + ":" + httpException.Message);
                        break;
                }
            }
            else
            {
                Response.Redirect("~/Error/NotFound");
            }
        }

ErrorController

    public class ErrorController : Controller
    {
        public ActionResult NotFound(string message)
        {
            return Content(message);
        }
        public ActionResult OtherError(string message)
        {
            return Content(message);
        }
    }

Here is the result.

Best Regards,

YihuiSun

Answer 3

User-1619000197 posted

Thanks <3