//This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
public async void Configure(IApplicationBuilder app, IHostingEnvironment env)
{
if (env.IsDevelopment())
{
app.UseDeveloperExceptionPage();
}
else
{
// app.UseHsts();
}
//exception handling for 401 and 500
app.UseExceptionHandler(appBuilder =>
{
appBuilder.Use(async(context, next) =>
{
var error = context.Features[typeof(IExceptionHandlerFeature)] as IExceptionHandlerFeature;
//when authorization has failed, should retrun a json message to client
if (error != null && error.Error is SecurityTokenExpiredException)
{
context.Response.StatusCode = 401;
context.Response.ContentType = "application/json";
await context.Response.WriteAsync(JsonConvert.SerializeObject(new
{
status = 401,
message = "Its either token has expired or incorrect",
error = "Forbidden route"
}));
}
//when orther error, retrun a error message json to client
else if (error != null && error.Error != null)
{
context.Response.StatusCode = 500;
context.Response.ContentType = "application/json";
await context.Response.WriteAsync(JsonConvert.SerializeObject(new
{
status = 500,
message = "Internal Server Error",
error = error.Error.Message
}));
}
//when no error, do next.
else
{
await next();
}
});
});
app.UseStaticFiles();
//add swagger middleware and ui
app.UseSwagger();
app.UseSwaggerUI(c => {
c.SwaggerEndpoint("/swagger/v1/swagger.json", "JK Api V1");
});
app.UseSecureHeadersMiddleware(ServiceExtensions.BuildDefaultConfiguration());
app.UseAuthentication();
//app.UseHttpsRedirection();
app.UseMvc();
app.UseCors();
}