
WebApi 2 Authentication

I am a little confused with WebApi and MVC. I created a blank WebApi project and selected Individual User Accounts as the authentication method.

This generated the AccountController : ApiController class. In here there are methods for Registering, Getting user info, etc, but there is no method for logging in.

How is the MVC user supposed to log in?

Cheers, /r3plica

The default Web API template uses OWIN middleware to authenticate the user.

In Startup.Auth.cs you can find the configuration info about the URLs for authentication.

    static Startup()
    {
        PublicClientId = "self";

        UserManagerFactory = () => new UserManager<IdentityUser>(new UserStore<IdentityUser>());

        OAuthOptions = new OAuthAuthorizationServerOptions
        {
            // This is the URL used to get a token for the user.
            TokenEndpointPath = new PathString("/Token"),
            Provider = new ApplicationOAuthProvider(PublicClientId, UserManagerFactory),
            AuthorizeEndpointPath = new PathString("/api/Account/ExternalLogin"),
            AccessTokenExpireTimeSpan = TimeSpan.FromDays(14),
            // Allows token requests over plain HTTP (development only);
            // set to false so credentials and tokens are only accepted over HTTPS.
            AllowInsecureHttp = true
        };
    }

After you send a request to TokenEndpointPath with the user name and password in the parameters, the OWIN middleware calls the method GrantResourceOwnerCredentials, which is implemented in ApplicationOAuthProvider in the default template with user accounts. In this method you can check the user name and password and grant access to the user.

You can find the default implementation of this method below.

public override async Task GrantResourceOwnerCredentials(OAuthGrantResourceOwnerCredentialsContext context)
    {
        using (UserManager<IdentityUser> userManager = _userManagerFactory())
        {
            IdentityUser user = await userManager.FindAsync(context.UserName, context.Password);

            if (user == null)
            {
                context.SetError("invalid_grant", "The user name or password is incorrect.");
                return;
            }

            ClaimsIdentity oAuthIdentity = await userManager.CreateIdentityAsync(user,
                context.Options.AuthenticationType);
            ClaimsIdentity cookiesIdentity = await userManager.CreateIdentityAsync(user,
                CookieAuthenticationDefaults.AuthenticationType);
            AuthenticationProperties properties = CreateProperties(user.UserName);
            AuthenticationTicket ticket = new AuthenticationTicket(oAuthIdentity, properties);
            context.Validated(ticket);
            context.Request.Context.Authentication.SignIn(cookiesIdentity);
        }
    }
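
The login call this answer describes, as an added example that is not part of the original answer or of the project template: a client posts the password grant to /Token and reuses the returned access token as a bearer credential. The host name, the credentials and the FakeTokenServer stub (which stands in for the real API so the code runs offline) are constructed for illustration.

```csharp
using System;
using System.Collections.Generic;
using System.Net;
using System.Net.Http;
using System.Net.Http.Headers;
using System.Text.Json;
using System.Threading;
using System.Threading.Tasks;

// Stand-in for the Web API host so the example runs offline; its response is constructed.
class FakeTokenServer : HttpMessageHandler
{
    protected override async Task<HttpResponseMessage> SendAsync(HttpRequestMessage request, CancellationToken ct)
    {
        string body = request.Content == null ? "" : await request.Content.ReadAsStringAsync();
        bool ok = request.Method == HttpMethod.Post && request.RequestUri.AbsolutePath == "/Token"
            && body.Contains("grant_type=password");
        string json = ok
            ? "{\"access_token\":\"CONSTRUCTED-TOKEN\",\"token_type\":\"bearer\",\"expires_in\":1209599}"
            : "{\"error\":\"unsupported_grant_type\"}";
        return new HttpResponseMessage(ok ? HttpStatusCode.OK : HttpStatusCode.BadRequest) { Content = new StringContent(json) };
    }
}

static class Program
{
    static async Task Main()
    {
        // Assumed host name. Use https so the password and the token never travel in clear text.
        var client = new HttpClient(new FakeTokenServer()) { BaseAddress = new Uri("https://api.example.test") };
        // The password grant is a form-encoded POST to TokenEndpointPath, not a JSON body.
        var form = new FormUrlEncodedContent(new Dictionary<string, string>
        {
            ["grant_type"] = "password",
            ["username"] = "alice@example.test",   // constructed credentials
            ["password"] = "constructed-password"
        });
        HttpResponseMessage response = await client.PostAsync("/Token", form);
        string payload = await response.Content.ReadAsStringAsync();
        if (!response.IsSuccessStatusCode)
            throw new InvalidOperationException("Token request rejected: " + payload);
        using JsonDocument doc = JsonDocument.Parse(payload);
        string token = doc.RootElement.GetProperty("access_token").GetString();

        // Later requests to [Authorize] actions carry the token as a bearer credential.
        client.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", token);
        Console.WriteLine("Authorization: " + client.DefaultRequestHeaders.Authorization);
    }
}
```

Against a real host, construct HttpClient without the stub handler and keep the base address on https.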
