0

I have solution with Webapplication and REST api (webapi). In REST api I have implemented Token based security between Web and service. So there is a way to implement custom security check ( for token validation, is it expired, etc) and use [Authorize] attribute? In other words there is a way to check my for my own is user authorized or not in Webapplication ? I have to write my own middleware or smth ?

Improve this question
0

1 Answer 1

Reset to default
1

The MVC 5 template uses the .Net Identity OWIN middleware. If you left it as the default authentication option when creating the solution it will be installed. You just need to use the Bearer Token authorisation by configuring it.

Once that's done you'll get all the handy stuff you'd get if it were a cookie. E.g the User principal is available as part of the request.

Improve this answer
Sign up to request clarification or add additional context in comments.

4 Comments

I used empty project, so there is nothing inside.
Fear not! You can install everything you need through Nuget. There's loads of info over on asp.net/identity. For the API, you can have a read of this: asp.net/web-api/overview/security/…
It will work on DNX Core 5 ? Btw, you mentioned MVC5, but I'm using MVC6 (vNext)
Sorry I haven't delved into the DNX Core world myself yet so can't tell you with certainty. It's still being actively developed by MS so probably

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.