Cross platform authentication using ASP.NET Web API

Question

How do I even begin coding authentication using ASP.NET Web API so it is cross-platform to support desktop, mobile and web? I\'d read of some methods of doing RESTful authen

Answer 1

U can use ActionFilterAttribute and override the OnActionExecuting method. Later on register this filter in global.cs to apply this filter for all the actions like this in Application Start method

var config = GlobalConfiguration.Configuration; config.Filters.Add(new CustomAuthAttribute ());

{ namespace Customss { Public class CustomAuthAttribute : ActionFilterAttribute

{

    public override void OnActionExecuting(HttpActionContext actionContext)
    {
        // To inforce HTTPS if desired , else comment out the code
        if (!String.Equals(actionContext.Request.RequestUri.Scheme, "https", StringComparison.OrdinalIgnoreCase))
        {
            actionContext.Response = new HttpResponseMessage(System.Net.HttpStatusCode.BadRequest)
            {
                Content = new StringContent("HTTPS Required")
            };
            return;
        }

       // get toekn from the header

        var userToken = actionContext.Request.Headers.GetValues("UserToken");
         // Customer Logic to check the validity of the token.
        // U can have some DB logic to check , custom STS behind or some loca cache used to compare the values


    }


}

} }