Asp.net MVC 4 + WEB API - Custom authentication token


Solution 1

Generally you can either generate token and implement its verification logic manually or use some 3rd party tools.

For manual implementation look here or here at blog post, it could be a good starting point for you. It's based on http://oauth.googlecode.com/svn/code/csharp/OAuthBase.cs class.

For client side and OAuth concepts you can read here a good answer.

From 3rd parties a good choice could be DotNetOpenAuth. It's a good library but is complicated when working with OAuth. Try to look at its Web API OAuth2 sample.

Second question - the answer is yes. You validate the token and set the request as authenticated. Anyway, you can look at the Web API OAuth sample, where it's implemented.

Solution 2

You might consider using the WebAPI Token Auth Bootstrap Package I am currently working on - available at GitHub or NuGet.

Documentation and code samples available at GitHub Wiki.

Simple Token and Users Authentication and Authorization Bootstrap for WebAPI applications. Provided with 'TokenAuthApiController' which has built-in support for Login and Logout (cookies-based) and automatic token parsing and authenticating (inside query strings, form data or cookies).

This bootstrap allows you to simply have [TokenAuthentication] attribute on actions with the appropriate AccessLevel: Admin, User, Public or Annonymous.

This bootstrap also provides TokenAuthApiController that inherits from the traditional ApiController and adds extra functionality detailed here.

Feel free to submit pull requests, report issues or contribute.

Solution 3

This would be one of the good places to start. This ties in nicely with the ASP.NET membership:

https://stackoverflow.com/a/7217957/989679

You basically store information in userData of authCookie, and it works well with WebAPI.

Author by

Hari Subramaniam

Updated on July 02, 2020

Comments

  • Hari Subramaniam almost 4 years

    I am developing an ASP.NET MVC 4 site on .NET 4.0. I am trying to authenticate the site to a WEB API. Now the site will pass a username and password and the WEB API will authenticate it. If authenticated, the WEB API will return a Token with roles, Time To Live etc. I am looking for a few pointers on this.

    1.) How to generate this token? I don't want to use STS or anything else. Even a non fool proof approach would do.

    2.) In the MVC side, I have to receive this token and set the current session as authenticated and make sure once TTL is expired I redirect the user to login page? Also in all the WEB API requests I need to send this token.