I have a UmbracoMemberBasicAuthenticationFilter class which is actually a web api filter to ensure Basic authentication for my APIs. Actually I need an instance of an object which implements IMemberService interface which I can get from ApplicationContext. The question is can I get ApplicationContext inside filter or get an instance for my service via some (unknown for me) umbraco container.
Just a small remark on the "umbraco container". There is no dependency injection which is done in Umbraco (yet, in v7 that is). The member service is not registered as an MVC service (as far as i know). So you can not get it from the default resolver.
Also, I would not use any MemberService on front-end code if not needed as it would hit the database.
Is there any reason why you can not use [Authorize()] ?
Thank you for your response. Now I have a clear vision about dependency injections. I need to achieve register/login users for mobile application. We decided to use Basic Auth and Umbraco Members because they don't have access to backoffice. The question is can I use Authorize attribute or inheriting from UmbracoAuthorizedApiController for members? Will it use Basic Auth or work with cookies?
UPD. From the source code UmbracoAuthorizeAttribute - ensures authorization is successful for a back office user
You have found the answer already, but just for completeness, the documentation does mention the authorizedControllers. One would deduct the attribute is also for the backoffice. So your code inspection completely right. Well done! :-)
Finally I have found solution. As discussed here we need to create custom behavior to support Basic Auth because Umbraco use cookies. This steps will help you to achieve the goal:
Create authentication filter. You can ready code here
Create umbraco filter based a previous filter
public class UmbracoMemberBasicAuthenticationFilter : BasicAuthenticationFilter{ public UmbracoMemberBasicAuthenticationFilter()
{
}
public UmbracoMemberBasicAuthenticationFilter(bool active) : base(active)
{
}
protected override bool OnAuthorizeUser(string username, string password, HttpActionContext actionContext)
{
var helper = new MembershipHelper(UmbracoContext.Current);
return helper.Login(username, password);
}}
Use it in your action
[HttpGet]
[UmbracoMemberBasicAuthenticationFilter]
public HttpResponseMessage Login()
{
return Request.CreateResponse(HttpStatusCode.OK);
}
Get Umbraco "IMemberService" from web api "AuthorizationFilter"
I have a UmbracoMemberBasicAuthenticationFilter class which is actually a web api filter to ensure Basic authentication for my APIs. Actually I need an instance of an object which implements IMemberService interface which I can get from ApplicationContext. The question is can I get ApplicationContext inside filter or get an instance for my service via some (unknown for me) umbraco container.
I don't know of a way to get the Services inside a class that doesn't inherit from certain umbraco classes (like UmbracoApiController).
If you only need basic functionality you can always do the following:
I don't know if this suffices for you but it's worth a try.
Just a small remark on the "umbraco container". There is no dependency injection which is done in Umbraco (yet, in v7 that is). The member service is not registered as an MVC service (as far as i know). So you can not get it from the default resolver.
Also, I would not use any MemberService on front-end code if not needed as it would hit the database.
Is there any reason why you can not use [Authorize()] ?
Kind regards Damiaan
Hi Damiaan,
Thank you for your response. Now I have a clear vision about dependency injections. I need to achieve register/login users for mobile application. We decided to use Basic Auth and Umbraco Members because they don't have access to backoffice. The question is can I use Authorize attribute or inheriting from UmbracoAuthorizedApiController for members? Will it use Basic Auth or work with cookies?
UPD. From the source code UmbracoAuthorizeAttribute - ensures authorization is successful for a back office user
Best regards
You have found the answer already, but just for completeness, the documentation does mention the authorizedControllers. One would deduct the attribute is also for the backoffice. So your code inspection completely right. Well done! :-)
Finally I have found solution. As discussed here we need to create custom behavior to support Basic Auth because Umbraco use cookies. This steps will help you to achieve the goal:
Create umbraco filter based a previous filter
Use it in your action
Happy to see you have found the solution.
Using the membershipHelper is a better choice than the Services. Thumbs up for this one.
Thanks for sharing!
is working on a reply...