How should I handle authentication with Nancy?
Solution 1
As Steven writes Nancy supports basic and form auth out of the box. Have a look these two demo apps to see how to do each: https://github.com/NancyFx/Nancy/tree/master/samples/Nancy.Demo.Authentication.Forms and https://github.com/NancyFx/Nancy/tree/master/samples/Nancy.Demo.Authentication.Basic
From the second of those demos here is a module that requires auth:
namespace Nancy.Demo.Authentication.Forms
{
using Nancy;
using Nancy.Demo.Authentication.Forms.Models;
using Nancy.Security;
public class SecureModule : NancyModule
{
public SecureModule() : base("/secure")
{
this.RequiresAuthentication();
Get["/"] = x => {
var model = new UserModel(Context.CurrentUser.UserName);
return View["secure.cshtml", model];
};
}
}
}
and a bootstrapper snippet that sets up form auth in the request pipeline:
protected override void RequestStartup(TinyIoCContainer requestContainer, IPipelines pipelines, NancyContext context)
{
// At request startup we modify the request pipelines to
// include forms authentication - passing in our now request
// scoped user name mapper.
//
// The pipelines passed in here are specific to this request,
// so we can add/remove/update items in them as we please.
var formsAuthConfiguration =
new FormsAuthenticationConfiguration()
{
RedirectUrl = "~/login",
UserMapper = requestContainer.Resolve<IUserMapper>(),
};
FormsAuthentication.Enable(pipelines, formsAuthConfiguration);
}
Solution 2
I created an example forms auth web application with user management with Nancy for my own learning. It's on Github here if you want to play with it.
https://github.com/GusBeare/Nancy-UserManager
Byron Sommardahl
Byron has been developing software since he was 9 years old, coding RPG's on his Commodore 64 and his best friend's Apple IIe. When he was just 14, he developed a driver dispatch program for a large home repair company, a pawn shop management program, and a POS for clothing stores (that one is still in production). Since then, software development has been a constant and consuming passion for Byron. In 2010, Byron and some friends founded a software development company, Acklen Avenue, that has now grown to more than 50 distributed employees and runs multiple simultaneous agile software development projects daily. Byron is a true believer in anything that improves software maintainability, usability, and delivery.
Updated on June 16, 2022Comments
-
Byron Sommardahl about 2 years
I started coding a LoginModule for Nancy, but it occurred to me that possibly I need to perform authentication a different way. Is there an accepted way of doing auth in Nancy? I am planning two projects right now: web and json service. I will need auth for both.
-
Byron Sommardahl about 12 yearsThis answer is spot on for a website that is powered by Nancy. For a service, there is still something missing from Nancy. I have submitted a pull request (github.com/NancyFx/Nancy/pull/650#issuecomment-6416528) containing a new StatelessAuthentication piece. That type of authentication rounds out Nancy (at least for me) as a really great web or service provider technology.
-
Goran Obradovic over 10 years@ByronSommardahl I see your pull request is part of Nancy now. Nice!