ServiceStack set Response DTO when ending the response in Request Filter

1
votes

I use ServiceStack to create an API. I want to perform authentication in a Request Filter. I have created a class that inherits RequestFilterAttribute and overrides method

void Execute(IRequest req, IResponse res, object requestDto)

In the override when the authentication fails, I want to prevent the request to continue with the service method and I want to return a specific message. For ending the request I can use one of these methods:

res.Close();
res.End();
res.EndHttpHandlerRequest();
res.EndRequest();
res.EndRequestWithNoContent();

They prevent the execution of the method in the service. When ending the response I want to have a specific DTO with a message. So before ending the response, I assign a DTO object to the property

res.Dto = myResponseDto;

However, the result from the API call is without any data. Can anybody help with preventing in the filter a request to reach the ServiceStack service implementation, but returning the desired DTO response object?

2
c#servicestack

2 Answers

1
votes

With filters you have to handle the raw response. So if you want to end the response in the filter and return a DTO response, you will need to Write the DTO object to the response before calling the EndRequest method.

If you are sending an Unauthorized error then setting the status code to HttpStatusCode.Unauthorized (401) is usually all that is needed by a client to recognise their request failed.

public override void Execute(IRequest req, IResponse res, object requestDto)
{
    // Perform you filter actions

    if(authorised)
        return;

    // Not authorised, return some object

    var responseDto = new {
        SomeValue = "You are not authorised to do that."
    };

    // Set the status code
    res.StatusCode = (int)HttpStatusCode.Unauthorized;

    // You may need to handle other return types based on `req.AcceptTypes`
    // This example assumes JSON response.

    // Set the content type
    res.ContentType = "application/json";

    // Write the object
    res.Write(responseDto.toJson());

    // End the request
    req.EndRequest();
}

Hope that helps.

1
votes

You can use the following instructions, where res.Dto can be changed to whatever you feel like:

res.ContentType = req.ResponseContentType;
res.StatusCode = (int)HttpStatusCode.Unauthorized;
res.Dto = DtoUtils.CreateResponseDto(requestDto, new ResponseStatus("401", "Unauthorized"));
res.EndRequest();

If you do not require to embed data in the response, you can simply use throw new AuthenticationException("Error reason"); in your filter.