I have an ASP.NET Core application that uses MVC, and I recently added authentication to it. It worked fine when testing locally, but after I published the app and installed it on another server, the login method always returns a 404 error.
The weird thing is, only the login method has this problem - if I open up Postman and make a request to one of the other API methods, it will return 401 Unauthorized (as expected, since I'm not logged in). So I know I have the right URL, but it's still returning a 404.
The Login method is written exactly the same as the other methods, the only difference I can see is that it has [AllowAnonymous] instead of [Authorize] in the attributes.
The other oddity I've noticed is that it takes quite a long time (~30 seconds) before it returns a 404 error. Requests to other controllers don't have the same delay.
None of this makes any sense - why does that method fail, when another method on the same controller gets routed properly? Why a 404 error? And why does it work on my local machine?
Login controller:
[Produces("application/json")]
[Route("api/[controller]")]
public class LoginController : Controller
{
private readonly ILoginService _service;
private readonly CustomTokenOptions _tokenOptions;
private readonly IMemoryCache _memoryCache;
public LoginController(ILoginService service, IMemoryCache memoryCache, IConfiguration configuration)
{
_service = service;
_tokenOptions = new CustomTokenOptions();
configuration.GetSection("TokenAuthentication").Bind(_tokenOptions);
_memoryCache = memoryCache;
}
[AllowAnonymous]
[HttpPost("[action]")]
public IActionResult GetToken()
{
//Returns a JWT token
//This method returns a 404 Not Found
}
[Authorize(Policy="AllowedGroups")]
[HttpPost("[action]")]
public IActionResult Logout()
{
//This method works
}
}
Client code:
var basePath = $("base").first().attr("href");
function login() {
$("#btnLogin").attr("disabled", true);
username = $("#username").val();
password = $("#password").val();
request = $.ajax({
url: basePath + "api/Login/GetToken",
async: true,
type: "POST",
headers: {
username: username,
password: password
}
});
function logout() {
request = $.ajax({
url: basePath + "api/Login/Logout",
async: true,
type: "POST",
headers: {
"Authorization": "Bearer " + self.token()
}
}).then(function () {
self.loggedIn(false);
self.token("");
});
}
Other things I've tried for debugging purposes:
Deleting the contents of the GetToken() method and replacing it with return StatusCode(200);
This means that there's nothing inside the GetToken method that's responsible for the error.
Commenting out the UseAuthentication
and Authorize
statements in my code. The error still happens when authentication is off.
Renaming the GetToken method to something else.
Answered by @WictorZychla. The LoginService in the constructor was failing, so the error happened before it ever got to the controller action.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.