Asp.net MVC 4 + WEB API - User Authentication Token

Question

Asp.net MVC 4 + WEB API - User Authentication Token

I am developing an ASP.NET MVC 4 site on .NET 4.0. I am trying to verify the authenticity of the site on the WEB API. Now the site will transmit the username and password, and the WEB API will authenticate it. If authenticated, the WEB API will return a token with roles, Time To Live, etc. I am looking for a few pointers on this.

1.) How to generate this token? I do not want to use STS or anything else. Even an approach with unfair evidence. 2.) On the MVC side, should I get this token and set the current session as authenticated and make sure that with the expiration of the TTL I am redirecting the user to the login page? Also in all WEB API requests I need to send this token.

+5

asp.net-mvc asp.net-web-api asp.net-mvc-4

Hari subramaniam Apr 21 '13 at 6:15

source share

3 answers

, WebAPI Token Auth Bootstrap Package, - GitHub NuGet.

- GitHub.

Bootstrap WebAPI. "TokenAuthApiController", ( cookie) ( , ).

[TokenAuthentication] AccessLevel: Admin, User, Public Annonymous.

TokenAuthApiController, ApiController .

,

+3

Aviran Cohen 06 . '13 23:54

, asp.net

fooobar.com/questions/31057/...

userData authCookie WebAPI

+1

Naresh Jois 21 . '13 7:51

Regfor · Accepted Answer · 2013-04-21T08:51:59+0000

As a rule, you can either generate a token, or execute your verification logic manually, or use third-party tools.

For a manual implementation, look here or here in the blog, this may be a good starting point for you. It is based on the http://oauth.googlecode.com/svn/code/csharp/OAuthBase.cs class.

For client and OAuth concepts, you can read a good answer here .

From third parties, the goo selection may be DotNetOpenAuth . This is a good library, but difficult to work with OAuth. Try a look at a sample Web OAuth2 API

- . . WAP API OAuth, .

Asp.net MVC 4 + WEB API - User Authentication Token

More articles: