0

I'm running a .net core app with vue.js as a SPA

Suddenly Im having issues accessing API's from cetain clients. Performing a GET on the out of the box sample API http://localhost:63861/api/SampleData/WeatherForecasts

In Postman I get a 200OK with html and this message

We're sorry but ClientApp doesn't work properly without JavaScript enabled. Please enable it to continue.

With RestClient I get 404 html with this message

Cannot GET /Account/Login

If I access the url in chrome the data appears fine, no issues. Also within my client app API calls work fine.

Also, at one point this worked fine from the clients too

Where I could I possibly be going wrong with this?

maybe my vue setup? Any pointers where to check will be helpful. This is a snippet from my startup.cs

    app.UseSpa(spa =>
    {
        spa.Options.SourcePath = "ClientApp";

        if (env.IsDevelopment())
        {
            spa.UseVueCli(npmScript: "serve", port: 8080);
        }
    });
Panagiotis Kanavos
  • 120,703
  • 13
  • 188
  • 236
raklos
  • 28,027
  • 60
  • 183
  • 301
  • You can use [postman interceptor extension](https://chrome.google.com/webstore/detail/postman-interceptor/aicmkgpgakddgnaphhhpliifpcfhicfo?hl=en), which will capture all your calls and you can edit them in postman. Is your backend on different port than frontend? Do you have `devServer` `proxy` set up in your webpack? – ljubadr Jan 22 '19 at 22:42
  • @ljubadr, I used vue clii to create the vue project, with no tinkering with webpack. backend uses same port as frontend, i believe the startup.cs takes care of serving it correctly – raklos Jan 22 '19 at 23:03
  • Use interceptor extension to capture the calls, and then you can re-run them from the postman and edit them as needed. Easier than manually creating calls from scratch. – ljubadr Jan 22 '19 at 23:08
  • `vue-cli` still uses webpack, but with most of the things pre-configured. You can still override defaults by using the file [vue.config.js](https://cli.vuejs.org/config/#vue-config-js) – ljubadr Jan 22 '19 at 23:11
  • The redirection to `Account/Login` suggests you tried to call a URL that requires authentication. What kind of authentication have you configured? You'll have to configure your calls to use it, eg add the basic authentication headers or use an authentication token – Panagiotis Kanavos Jan 23 '19 at 08:36

2 Answers2

0

An [Authorize] attribute on the controller is what is causing the issue with the clients, removing this makes it work fine.

which gives me another problem

raklos
  • 28,027
  • 60
  • 183
  • 301
  • It doesn't work fine. It means you have the same problem as before - you're trying to make an anonymous call to a URL that requires authentication. What kind of authentication have you set up? Basic authentication? Google or Facebook? Tokens? – Panagiotis Kanavos Jan 23 '19 at 08:34
  • @PanagiotisKanavos, agree i still have a problem. I'm using jwt token based authentication passing a bearer token. – raklos Jan 23 '19 at 08:44
  • in this case this is probably a duplicate of [Sending JWT token in the headers with Postman](https://stackoverflow.com/questions/24709944/sending-jwt-token-in-the-headers-with-postman) In general, you can cheat and use Fiddler or the browser's Network tab to inspect the HTTP calls the browser makes to the server so you can emulate them. – Panagiotis Kanavos Jan 23 '19 at 08:48
  • Tools like Postman have scripts that allow you to multiple calls. Googling for `postman scipt jwt` returns several gists that do just that. Some look cleaner than others. The article [Using Postman for JWT Authentication on Adobe I/O](https://medium.com/adobetech/using-postman-for-jwt-authentication-on-adobe-i-o-7573428ffe7f) explains the process step-by-step – Panagiotis Kanavos Jan 23 '19 at 08:50
0

Ok, so the real answer to this can be found here:

.Net Core 2.0 Web API using JWT - Adding Identity breaks the JWT authentication

AddIdentityCore needs to be used, not AddIdentity https://wildermuth.com/2018/04/10/Using-JwtBearer-Authentication-in-an-API-only-ASP-NET-Core-Project

Once wired up like this in startup, the clients all work fine, and auth works as expected

raklos
  • 28,027
  • 60
  • 183
  • 301