I am trying to implement authentication to hangfire, where I am using the basic authentication. I realize from the log that they are prompting that StatusCode cannot be set because the response has already started.
Did anyone encounter something like this? or how should I authenticate my dashboard with basic authentication?
\ DashboardOptions options = new DashboardOptions
{
DashboardTitle = "Scheduler",
Authorization = new[] {
new CustomAuthorizationFilter(new[]
{
// TODO: change to appsettings
new HangfireUserCredentials
{
Username = _configuration["Scheduler:username"],
Password = _configuration["Scheduler:password"]
}
})
}
};
public bool Authorize([NotNull]DashboardContext dashboardContext)
{
HttpContext context = dashboardContext.GetHttpContext();
//return context.User.Identity.IsAuthenticated;
string header = context.Request.Headers["Authorization"];
if (!string.IsNullOrWhiteSpace(header))
{
AuthenticationHeaderValue authValues = AuthenticationHeaderValue.Parse(header);
if ("Basic".Equals(authValues.Scheme, StringComparison.InvariantCultureIgnoreCase))
{
string parameter = Encoding.UTF8.GetString(Convert.FromBase64String(authValues.Parameter));
string[] parts = parameter.Split(':');
if (parts.Length > 1)
{
string username = parts[0];
string password = parts[1];
if ((!string.IsNullOrWhiteSpace(username)) && (!string.IsNullOrWhiteSpace(password)))
{
return Users.Any(user => user.ValidateUser(username, password)) || Challenge(context);
}
}
}
}
return Challenge(context);
}
private static bool Challenge(HttpContext context)
{
context.Response.StatusCode = 401;
context.Response.Headers.Append("WWW-Authenticate", "Basic realm=\"Hangfire Dashboard\"");
context.Response.WriteAsync("Authentication is required.");
return false;
}