问题
I have complete ASP.NET-MVC5 application which I extended by the WEB API 2 OData controllers. For instance I have:
public class PersonController : ODataController
and MVC controller which demands authorization
[Authorize] public class PersonController : Controller
Both contollers use ApplicationDbContext where my DbSets are
I don't want to give data about person to everyone in the world through WEB API controller. I already have User, Moderator and Admin roles in my MVC application.
Can I somehow use already existing authorization module(Identity 2.x), to demand login when someone tries to fetch the data from Person WEB API Controller.
For instance by:
http://localhost:17697/odata/Person?$expand=ReceivedCalls
Direct problem:
If I do:
[Authorize]
public class PersonController : ODataController {
then when I go to the link:
http://localhost:17697/odata/Person
I am redirected to login page. But this login page is for humans. How to make it easy for client applications to login.
来源:https://stackoverflow.com/questions/30954413/reuse-existing-asp-net-mvc-5-identity-2-authorization-for-web-api-odata-controll