I am sending Token from client side to server as
"Authorization: Bearer eyJhbGciOiJodHR......"
i want to restrict users who does n't have tokens
here is my code.
services.AddAuthorization(auth =>
{
auth.AddPolicy("Have", new AuthorizationPolicyBuilder()
.AddAuthenticationSchemes(JwtBearerDefaults.AuthenticationScheme)
.RequireAuthenticatedUser().Build());
});
services.AddMvc(config =>
{
var policy = new AuthorizationPolicyBuilder()
.RequireAuthenticatedUser()
.Build();
config.Filters.Add(new AuthorizeFilter(policy));
});
app.UseJwtBearerAuthentication(options =>
{
options.AutomaticAuthenticate = false;
});
Even if i turn AutomaticAuthenticate i get 500 error if false then 401 error
[Authorize(Policy ="Have")]
[HttpGet]
[Route("list")]
public IEnumerable<Products> List()
{
.......
}