C
C#17mo ago
My Name is Daniel

✅ .net 7 rest api CORS issue with Authentication

Hey so I'm trying to set up something I've never done before so I can get the PC name of people connecting to my API (This is a business Intranet website that calls the api) 
blah blah blah
using Microsoft.AspNetCore.Authentication.Negotiate;

var builder = WebApplication.CreateBuilder(args);

// Add services to the container.
builder.Services.AddSingleton<DapperContext>();
builder.Services.AddScoped<IRepo, Repo>();
builder.Services.AddHttpContextAccessor();
builder.Services.AddControllers();
// Learn more about configuring Swagger/OpenAPI at https://aka.ms/aspnetcore/swashbuckle

builder.Services.AddCors(options =>
{
    options.AddDefaultPolicy(
        policy =>
        {
            policy.WithOrigins("http://localhost:4200/",
                                "https://localhost:4200/").AllowAnyMethod().AllowAnyHeader().AllowCredentials();
        });
});
builder.Services.AddAuthentication(NegotiateDefaults.AuthenticationScheme)
   .AddNegotiate(); // which used by microsoft.aspnetcore.authentication.negotiate nuget package
builder.Services.AddAuthorization(options =>
{
    // By default, all incoming requests will be authorized according to the default policy.
    options.FallbackPolicy = options.DefaultPolicy;
});



builder.Services.AddEndpointsApiExplorer();
builder.Services.AddSwaggerGen();

var app = builder.Build();
//after app intialization:
app.UseCors();
app.UseAuthentication();
app.UseAuthorization();





// Configure the HTTP request pipeline.
//if (app.Environment.IsDevelopment())
//{
    app.UseSwagger();
    app.UseSwaggerUI();
//}

app.MapControllers();


app.Run();
blah blah blah
using Microsoft.AspNetCore.Authentication.Negotiate;

var builder = WebApplication.CreateBuilder(args);

// Add services to the container.
builder.Services.AddSingleton<DapperContext>();
builder.Services.AddScoped<IRepo, Repo>();
builder.Services.AddHttpContextAccessor();
builder.Services.AddControllers();
// Learn more about configuring Swagger/OpenAPI at https://aka.ms/aspnetcore/swashbuckle

builder.Services.AddCors(options =>
{
    options.AddDefaultPolicy(
        policy =>
        {
            policy.WithOrigins("http://localhost:4200/",
                                "https://localhost:4200/").AllowAnyMethod().AllowAnyHeader().AllowCredentials();
        });
});
builder.Services.AddAuthentication(NegotiateDefaults.AuthenticationScheme)
   .AddNegotiate(); // which used by microsoft.aspnetcore.authentication.negotiate nuget package
builder.Services.AddAuthorization(options =>
{
    // By default, all incoming requests will be authorized according to the default policy.
    options.FallbackPolicy = options.DefaultPolicy;
});



builder.Services.AddEndpointsApiExplorer();
builder.Services.AddSwaggerGen();

var app = builder.Build();
//after app intialization:
app.UseCors();
app.UseAuthentication();
app.UseAuthorization();





// Configure the HTTP request pipeline.
//if (app.Environment.IsDevelopment())
//{
    app.UseSwagger();
    app.UseSwaggerUI();
//}

app.MapControllers();


app.Run();
This is my program.cs it works as intended in swagger but when I use my front end app it gives me a cors error Any help would be appreciate
7 Replies
My Name is Daniel
My Name is DanielOP17mo ago
Also if I strip out Authentication it works but doesn't send the right info back so can't access the pc name
Pobiega
Pobiega17mo ago
Http Vs https Your cors policy says https, but you are visiting from http
Tarcisio
Tarcisio17mo ago
He has one for both no?
My Name is Daniel
My Name is DanielOP17mo ago
I do have one for both
Pobiega
Pobiega17mo ago
Ah yep, mobile made that hard to see 😄 try removing the trailing slash
Tarcisio
Tarcisio17mo ago
yeah i'd say that
My Name is Daniel
My Name is DanielOP17mo ago
That was it! Really thank you both. That was the most annoying thing I've dealt with in a long time
Want results from more Discord servers?
Add your server