ASP.NET Core Web API how to catch the 401 and 403 errors using the try catch method

Time:12-03

I am using the libraries Microsoft.AspNetCore.Http and Microsoft.AspNetCore.Mvc. I am also using Identity's JWT token.

When the token has expired, the API throws an HTTP 401 error, and if the claims are wrong, it returns an HTTP 403 error.

I need to be able to catch those two statuses and wrap them in my uniform error message format.

public class ErrorMessage
{
     public int httpStatus { get; set; }
     public string Header { get; set; } = "Error";
     public string Message { get; set; }
}

My Standard API format

[Authorize]
[HttpPost]
[Route("Logout")]
public async Task<IActionResult> Logout()
{
    try
    {
        ....
    }
    catch (Exception e)
    {
        _logger.LogError($"Error in {nameof(Logout)}: {e}");
        return BadRequest(new ErrorMessage { httpStatus = 500, Message = e.Message });
    }
}

CodePudding user response:

As per Handle errors in ASP.NET Core, you can use UseStatusCodePages:

app.UseStatusCodePages(async statusCodeContext =>
{
    switch (statusCodeContext.HttpContext.Response.StatusCode)
    {
        case 401:
            statusCodeContext.HttpContext.Response.StatusCode = 400;
            await statusCodeContext.HttpContext.Response.WriteAsJsonAsync(new ErrorMessage { httpStatus = 500, Message = "some message" });
            break;
        case 403:
            statusCodeContext.HttpContext.Response.StatusCode = 400;
            await statusCodeContext.HttpContext.Response.WriteAsJsonAsync(new ErrorMessage { httpStatus = 500, Message = "some message" });
            break;
    }
});

CodePudding user response:

You can accomplish this by adding the following to the Configure method in your Startup.cs.

This will let you intercept and change aspects of the response as well as the content type. In the below example, we're returning a simple JSON object with a Message.

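// Requires: using System.Net; using System.Text.Json;
// Register this before UseAuthentication()/UseAuthorization() so it wraps them.
app.Use(async (context, next) =>
{
    await next();

    // A body can only be written if nothing has been sent to the client yet.
    if (context.Response.HasStarted)
    {
        return;
    }

    if (context.Response.StatusCode == (int)HttpStatusCode.Unauthorized) // 401
    {
        context.Response.ContentType = "application/json";

        // Serialize to real JSON; ToString() on an anonymous object does not produce JSON.
        await context.Response.WriteAsync(JsonSerializer.Serialize(new
        {
            Message = "You must be logged in to access this resource."
        }));
    }

    if (context.Response.StatusCode == (int)HttpStatusCode.Forbidden) // 403
    {
        context.Response.ContentType = "application/json";

        await context.Response.WriteAsync(JsonSerializer.Serialize(new
        {
            Message = "Your claims are incorrect."
        }));
    }
});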
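
An added example, not part of the original thread: the 401 and 403 are produced by the JWT bearer handler before the action runs, so a try/catch inside the action never sees them. They can instead be shaped at the source through JwtBearerEvents, keeping the real status codes and sending fixed messages rather than exception text. It assumes ASP.NET Core 5.0 or later (for WriteAsJsonAsync); UniformAuthErrors, AddUniformJwtErrors and Write are hypothetical names, and the events should be merged into your existing AddJwtBearer call rather than registered a second time.

```csharp
using System.Threading.Tasks;
using Microsoft.AspNetCore.Authentication.JwtBearer;
using Microsoft.AspNetCore.Http;
using Microsoft.Extensions.DependencyInjection;
using Microsoft.IdentityModel.Tokens;

public class ErrorMessage // same shape as the class in the question
{
    public int httpStatus { get; set; }
    public string Header { get; set; } = "Error";
    public string Message { get; set; }
}

public static class UniformAuthErrors // hypothetical helper, not from the thread
{
    public static IServiceCollection AddUniformJwtErrors(this IServiceCollection services)
    {
        services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
            .AddJwtBearer(options =>
            {
                // options.TokenValidationParameters = ...; // keep your existing settings here
                options.Events = new JwtBearerEvents
                {
                    // Raised when authentication failed or no token was sent (401).
                    OnChallenge = context =>
                    {
                        context.HandleResponse(); // suppress the default empty 401 response
                        // HandleResponse also skips the default header, so set it again.
                        context.Response.Headers["WWW-Authenticate"] = "Bearer";
                        var expired = context.AuthenticateFailure is SecurityTokenExpiredException;
                        return Write(context.Response, StatusCodes.Status401Unauthorized,
                            expired ? "Token has expired." : "Authentication is required.");
                    },
                    // Raised when the token is valid but the claims do not satisfy the policy (403).
                    OnForbidden = context =>
                        Write(context.Response, StatusCodes.Status403Forbidden,
                            "You are not allowed to access this resource.")
                };
            });
        return services;
    }

    // Keeps the status line and the body's httpStatus field in agreement.
    private static Task Write(HttpResponse response, int status, string message)
    {
        response.StatusCode = status;
        return response.WriteAsJsonAsync(new ErrorMessage { httpStatus = status, Message = message });
    }
}
```

Because the status codes stay 401 and 403, clients can still tell "refresh the token" apart from "access denied" while receiving the uniform ErrorMessage body.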