How to Return HTTP Status Code 401 (Unauthorized) from OnHeartbeatInit

smatsevilo · July 13, 2017, 8:52pm

Hello,

What is the correct way to return HTTP status code 401 (Unauthorized) from OnHeartbeatInit event handler.

I’m currently throwing HttpError.Unauthorized (see code below) but that results in status code 500.

var session = request.GetSession();
if (session.IsAuthenticated)
{
  . . .
}
else
{
  throw HttpError.Unauthorized("Session is not authenticated.");
}

Thank you,

Serge

mythz · July 13, 2017, 9:00pm

Have a look at how we’re doing it

Basically in a filter you should write directly to the response instead of throwing an exception, e.g:

res.StatusCode = (int)HttpStatusCode.Unauthorized;
res.StatusDescription = "Thou shall not pass";
res.EndHttpHandlerRequest(skipHeaders: true);