[英]How to do caching of Authorization access token in web api C#?
I have two project. 我有两个项目。 Project 1 is Php based web API which include OAuth and custom Authorization logic.Where Project 2 is C# REST API where each API should be authorized.To achieve this I am exposing Api from project 1 for Authorization, which is working perfect.
项目1是基于Php的Web API,其中包括OAuth和自定义的授权逻辑。 项目2是C#REST API,每个API都应得到授权。为此,我将Api从项目1中公开以进行授权,这是完美的。 By above flow for each request to Project 2 API's I have to authorize by hitting the Authorization API's of Project 1. Do we have any concept in C# or by using some caching technique so that I can check that each request is already validated or not .If not then I should call Authorization API.?
通过以上针对Project 2 API的每个请求的流程,我必须通过点击Project 1的Authorization API进行授权。 我们在C#中是否具有任何概念或使用某种缓存技术,以便可以检查每个请求是否已得到验证。如果没有,那么我应该调用授权API。 Input for Authorization API is " Bearer token " which will be sent by client application.
授权API的输入是“ 承载令牌 ”,它将由客户端应用程序发送。
Constraint :- I have to maintain two different projects and I have to reuse my auth provider API in another web api project. 约束 :-我必须维护两个不同的项目,并且必须在另一个Web api项目中重用我的身份验证提供程序API。 Thanks in advance.
提前致谢。
you can use redis or any popular out proc cache mgmt to store your token & can be used by both of project. 您可以使用redis或任何流行的out proc缓存mgmt来存储令牌,并且可以被两个项目使用。
You can use separate auth server, for example: 您可以使用单独的身份验证服务器,例如:
https://identityserver.github.io/Documentation/ https://identityserver.github.io/Documentation/
And implement SSO(single-sign-on) functionality, if you needed. 并根据需要实施SSO(单点登录)功能。
Or you can implement your own authorization server, but strongly recommend you to use existing solutions. 或者,您可以实施自己的授权服务器,但强烈建议您使用现有的解决方案。
Look into this article: http://bitoftech.net/2014/09/24/decouple-owin-authorization-server-resource-server-oauth-2-0-web-api/ 查看这篇文章: http : //bitoftech.net/2014/09/24/decouple-owin-authorization-server-resource-server-oauth-2-0-web-api/
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.