Using hangfire version: 1.6.17
I have successfully setup hangifire on aspnetcore 2.0
I added authorization by using:
app.UseHangfireDashboard("/jobs", new DashboardOptions
{
Authorization = new[] { new HangfireAuthorizationFilter() }
});
and
public class HangfireAuthorizationFilter :IDashboardAuthorizationFilter
{
private const string PERMISSION = "read:jobs";
public bool Authorize(DashboardContext context)
{
var httpContext = context.GetHttpContext();
// allow only users with correct permission
if (httpContext.User.Identity.IsAuthenticated)
{
var permissions = httpContext.User.Claims.FirstOrDefault(x => x.Type.Equals(CustomClaims.Permissions))?.Value?.Split(' ');
return permissions?.Contains(PERMISSION) ?? false;
}
return false;
}
}
The only problem i cannot resolve is that a blank screen with 401 is returned to the user instead of the default challenge /account/login.
If you access my controllers with the [Authorize] attribute, they are automatically redirected to /account/login, so the loginpath is working.
Even if i specify it specifically, the user is not redirected while accessing Hangfire unauthorised:
services.AddAuthentication(options =>
{
options.DefaultAuthenticateScheme = CookieAuthenticationDefaults.AuthenticationScheme;
options.DefaultSignInScheme = CookieAuthenticationDefaults.AuthenticationScheme;
options.DefaultChallengeScheme = CookieAuthenticationDefaults.AuthenticationScheme;
})
.AddCookie(options =>
{
options.LoginPath = "/Account/Login/";
})
Somebody an idea?