问题
I have the following solution:
- Web api project.
- MVC 4 project.
I need to authenticate user by sending its credentials using a JSON request (https is a must). is it a good approach ? and how can i authenticate the user on both web api and MVC .
回答1:
is it a good approach ?
Yeah, why not.
and how can i authenticate the user on both web api and MVC .
If the Web API requires authentication you could use the same Forms Authentication as the MVC application. So you could configure Forms Authentication in the web.config of the Web API application and then decorate the actions that require authentication with the [Authorize] attribute. Then clients that need to query those methods will need to include the Forms Authentication cookie along with the request.
It is important to note that in order for the Web API to be able to decrypt the forms authentication cookie that was emitted the MVC application, both applications need to share the same machine keys.
回答2:
You can use Basic Authentication. You need to create Authenticationfilter.
There is an opensource library. (WEbAPIDoddle)
https://github.com/WebAPIDoodle/WebAPIDoodle
来源:https://stackoverflow.com/questions/14052176/web-api-authentication-and-mvc-4