How to change HTTP 401 response in ServiceStack?

问题

By default, ServiceStack returns http status 401 when I try to call anything before authorization. How do I return http status 200 and my DTO instead of that?

Ideally, I want to show boolean NeedAuth=true flag in ResponseStatus application wide, if I try calling anything unauthorized.

回答1:

The 401 is written to the Response, there's no current way to undo that. If you have special requirements, you don't want to use the built-in Authentication functionality.

Just create your own Request Filter that does exactly what you want, that's how the built-in Auth works, it's just a Request Filter.

回答2:

I've modified my previously created custom AuthProvider. Now if I call anything before authentication or try to provide wrong credentials, I get HTTP 200 OK status and this response:

{
    "NeedAuth": true
}

I've extended AuthResponse:

public class MyAuthResponse : AuthResponse
{
    public bool? NeedAuth { get; set; }
}

And modified my custom AuthProvider inherited from CredentialsAuthProvider:

// This one is called when I call anything before authorization
public override void OnFailedAuthentication(IAuthSession session, ServiceStack.ServiceHost.IHttpRequest httpReq, ServiceStack.ServiceHost.IHttpResponse httpRes)
{
    httpRes.StatusCode = (int)HttpStatusCode.OK;
    var callback = httpReq.GetJsonpCallback();
    var doJsonp = EndpointHost.Config.AllowJsonpRequests && !string.IsNullOrEmpty(callback);
    var res = new MyAuthResponse() { NeedAuth = true };
    if (doJsonp)
        httpRes.WriteToResponse(httpReq, res, (callback + "(").ToUtf8Bytes(), ")".ToUtf8Bytes());
    else
        httpRes.WriteToResponse(httpReq, res);
}

// This one is called when I try to login
public override object Authenticate(IServiceBase authService, IAuthSession session, Auth request)
{
    var userName = request.UserName;
    var password = request.Password;
    var res = new MyAuthResponse();

    if (!LoginMatchesSession(session, userName))
    {
        authService.RemoveSession();
        session = authService.GetSession();
    }

    if (TryAuthenticate(authService, userName, password))
    {
        if (session.UserAuthName == null)
            session.UserAuthName = userName;

        OnAuthenticated(authService, session, null, null);

        res.UserName = userName;
        res.SessionId = session.Id;
    }
    else
        res.NeedAuth = true;

    return res;
}

来源：https://stackoverflow.com/questions/13855996/how-to-change-http-401-response-in-servicestack