How to Authenticate a user using a remote API?
Question
I have an MVC website which uses an API to authenticate the user, so when the user tries to log in, my server will redirect the login information to my api server in order to verify if the login was successful. If it is, the user is able to enter the "private" section of the website.
All I want to do is verify with the API if the user is registered in the application and which type of user it is (admin or regular user). Depending on the outcome, we would be allowed or not to see some pages.
I am wondering how to do that and I hope you can clarify some things for me.
My first option would be to use Forms authentication and its infrastructure and just change the way the server checks the credentials (verifying with the API instead of a DB). Is that possible?
If this is not possible, can I use the method Application_AuthenticateRequest(object sender, EventArgs e) in my global.asax Or do I need to create my own IHttpModule?
1 answers
solution1
4 ACCPTED 2013-10-02 21:45:35
Use FormsAuthentication.SetAuthCookie(model.Username, false); and FormsAuthentication.SignOut(); to get the job done. Even though a lot of people recommend it I've never had to bother with a custom membership provider.
The top answer from this question covers it MVC ASP.NET - Manually authorize someone and persist the authorization via Forms Authentication
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.