Home/ Questions/Q 8996217
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-06-15T23:43:30+00:00

By default, ServiceStack returns http status 401 when I try to call anything before

  • 0

By default, ServiceStack returns http status 401 when I try to call anything before authorization.
How do I return http status 200 and my DTO instead of that?

Ideally, I want to show boolean NeedAuth=true flag in ResponseStatus application wide, if I try calling anything unauthorized.

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    I’ve modified my previously created custom AuthProvider.
    Now if I call anything before authentication or try to provide wrong credentials, I get HTTP 200 OK status and this response:

    {
    "NeedAuth": true
}

    I’ve extended AuthResponse:

    public class MyAuthResponse : AuthResponse
{
    public bool? NeedAuth { get; set; }
}

    And modified my custom AuthProvider inherited from CredentialsAuthProvider:

    // This one is called when I call anything before authorization
public override void OnFailedAuthentication(IAuthSession session, ServiceStack.ServiceHost.IHttpRequest httpReq, ServiceStack.ServiceHost.IHttpResponse httpRes)
{
    httpRes.StatusCode = (int)HttpStatusCode.OK;
    var callback = httpReq.GetJsonpCallback();
    var doJsonp = EndpointHost.Config.AllowJsonpRequests && !string.IsNullOrEmpty(callback);
    var res = new MyAuthResponse() { NeedAuth = true };
    if (doJsonp)
        httpRes.WriteToResponse(httpReq, res, (callback + "(").ToUtf8Bytes(), ")".ToUtf8Bytes());
    else
        httpRes.WriteToResponse(httpReq, res);
}

// This one is called when I try to login
public override object Authenticate(IServiceBase authService, IAuthSession session, Auth request)
{
    var userName = request.UserName;
    var password = request.Password;
    var res = new MyAuthResponse();

    if (!LoginMatchesSession(session, userName))
    {
        authService.RemoveSession();
        session = authService.GetSession();
    }

    if (TryAuthenticate(authService, userName, password))
    {
        if (session.UserAuthName == null)
            session.UserAuthName = userName;

        OnAuthenticated(authService, session, null, null);

        res.UserName = userName;
        res.SessionId = session.Id;
    }
    else
        res.NeedAuth = true;

    return res;
}
    • 0