Sign in Register
Copied to clipboard

Flag this post as spam?

This post will be reported to the moderators as potential spam to be looked at


  • Son Pham 31 posts 72 karma points
    Sep 30, 2015 @ 14:38
    Son Pham
    0

    Secure Umbraco WebAPI by using member credential

    Hi all,

    I want to expose an api that return a list of product list in umbraco node to another application (App B).

    For example:

    public class ProductsApiController : UmbracoApiController
{
    [Umbraco.Web.WebApi.UmbracoAuthorize]
    public IEnumerable<string> GetAllProducts()
    {
        return new[] { "Table", "Chair", "Desk", "Computer", "Beer fridge" };
    }
}

    How to allow app B is able to pass authorization by providing username and password of Umbraco members ?

    It looks like we have to this Umbraco built-in authentication api: http://myapp.com /umbraco/backoffice/UmbracoApi/Authentication/PostLogin

    But I dont know how to set header for next request. Thanks

    Copy Link
  • Benas Brazdziunas 34 posts 156 karma points c-trib
    Oct 01, 2015 @ 13:47
    Benas Brazdziunas
    0 
    [MemberAuthorize(AllowMembers = "user1, user2")]
    public class RiskApiController : UmbracoApiController
    {
        .......
    }

    Try this.

    Copy Link
  • Son Pham 31 posts 72 karma points
    Oct 01, 2015 @ 13:50
    Son Pham
    0

    Hi Benas. Thanks for this code but Do you know how to request ajax from another app to pass authentication. And how to call /Authentication/PostLogin properly, how parameters looks like ?

    Thanks

    Copy Link
  • mellogrand 4 posts 25 karma points
    Oct 07, 2015 @ 06:30
    mellogrand
    0

    I have been using this for quite some time now. Probably not the best code, but works well after having logged I then call other umbraco apis to get contents 

        private static HttpWebResponse PostLogin(string baseURL, string loginParams, CookieCollection parCookie)
    {
        string formUrl = baseURL + "UmbracoApi/Authentication/PostLogin ";
        HttpWebRequest req = (HttpWebRequest)HttpWebRequest.Create(formUrl);
        req.ContentType = "text/json";
        req.Method = "POST";
        req.CookieContainer = new CookieContainer();
        req.AllowAutoRedirect = false;
        using (StreamWriter sw = new StreamWriter(req.GetRequestStream()))
        {
            sw.Write(loginParams);
            sw.Flush();
            sw.Close();
        }
        HttpWebResponse resp = (HttpWebResponse)req.GetResponse();
        parCookie = resp.Cookies;
        string pageSource;
        using (StreamReader sr = new StreamReader(resp.GetResponseStream()))
        {
            pageSource = sr.ReadToEnd();
        }
        Console.Write(pageSource);
        return resp;
    }
    Copy Link

  • This forum is in read-only mode while we transition to the new forum.

    You can continue this topic on the new forum by tapping the "Continue discussion" link below.

Please Sign in or register to post replies