Sign in Register
Copied to clipboard

Flag this post as spam?

This post will be reported to the moderators as potential spam to be looked at


  • Son Pham 31 posts 72 karma points
    Sep 30, 2015 @ 14:38
    Son Pham
    0

    Secure Umbraco WebAPI by using member credential

    Using Umbraco 7
    Umbraco 7

    Hi all,

    I want to expose an api that return a list of product list in umbraco node to another application (App B).

    For example:

    public class ProductsApiController : UmbracoApiController
{
    [Umbraco.Web.WebApi.UmbracoAuthorize]
    public IEnumerable<string> GetAllProducts()
    {
        return new[] { "Table", "Chair", "Desk", "Computer", "Beer fridge" };
    }
}

    How to allow app B is able to pass authorization by providing username and password of Umbraco members ?

    It looks like we have to this Umbraco built-in authentication api: http://myapp.com /umbraco/backoffice/UmbracoApi/Authentication/PostLogin

    But I dont know how to set header for next request. Thanks

    Copy Link
  • Benas Brazdziunas 34 posts 155 karma points c-trib
    Oct 01, 2015 @ 13:47
    Benas Brazdziunas
    0 
    [MemberAuthorize(AllowMembers = "user1, user2")]
    public class RiskApiController : UmbracoApiController
    {
        .......
    }

    Try this.

    Copy Link
  • Son Pham 31 posts 72 karma points
    Oct 01, 2015 @ 13:50
    Son Pham
    0

    Hi Benas. Thanks for this code but Do you know how to request ajax from another app to pass authentication. And how to call /Authentication/PostLogin properly, how parameters looks like ?

    Thanks

    Copy Link
  • mellogrand 4 posts 25 karma points
    Oct 07, 2015 @ 06:30
    mellogrand
    0

    I have been using this for quite some time now. Probably not the best code, but works well after having logged I then call other umbraco apis to get contents 

        private static HttpWebResponse PostLogin(string baseURL, string loginParams, CookieCollection parCookie)
    {
        string formUrl = baseURL + "UmbracoApi/Authentication/PostLogin ";
        HttpWebRequest req = (HttpWebRequest)HttpWebRequest.Create(formUrl);
        req.ContentType = "text/json";
        req.Method = "POST";
        req.CookieContainer = new CookieContainer();
        req.AllowAutoRedirect = false;
        using (StreamWriter sw = new StreamWriter(req.GetRequestStream()))
        {
            sw.Write(loginParams);
            sw.Flush();
            sw.Close();
        }
        HttpWebResponse resp = (HttpWebResponse)req.GetResponse();
        parCookie = resp.Cookies;
        string pageSource;
        using (StreamReader sr = new StreamReader(resp.GetResponseStream()))
        {
            pageSource = sr.ReadToEnd();
        }
        Console.Write(pageSource);
        return resp;
    }
    Copy Link
Please Sign in or register to post replies

Write your reply to:

Draft