Copied to clipboard

Flag this post as spam?

This post will be reported to the moderators as potential spam to be looked at


  • Son Pham 31 posts 72 karma points
    Sep 30, 2015 @ 14:38
    Son Pham
    0

    Secure Umbraco WebAPI by using member credential

    Hi all,

    I want to expose an api that return a list of product list in umbraco node to another application (App B).

    For example:

    public class ProductsApiController : UmbracoApiController
    {
        [Umbraco.Web.WebApi.UmbracoAuthorize]
        public IEnumerable<string> GetAllProducts()
        {
            return new[] { "Table", "Chair", "Desk", "Computer", "Beer fridge" };
        }
    }
    

    How to allow app B is able to pass authorization by providing username and password of Umbraco members ?

    It looks like we have to this Umbraco built-in authentication api: http://myapp.com /umbraco/backoffice/UmbracoApi/Authentication/PostLogin

    But I dont know how to set header for next request. Thanks

  • Benas Brazdziunas 34 posts 156 karma points c-trib
    Oct 01, 2015 @ 13:47
    Benas Brazdziunas
    0
    [MemberAuthorize(AllowMembers = "user1, user2")]
        public class RiskApiController : UmbracoApiController
        {
            .......
        }
    

    Try this.

  • Son Pham 31 posts 72 karma points
    Oct 01, 2015 @ 13:50
    Son Pham
    0

    Hi Benas. Thanks for this code but Do you know how to request ajax from another app to pass authentication. And how to call /Authentication/PostLogin properly, how parameters looks like ?

    Thanks

  • mellogrand 4 posts 25 karma points
    Oct 07, 2015 @ 06:30
    mellogrand
    0

    I have been using this for quite some time now. Probably not the best code, but works well after having logged I then call other umbraco apis to get contents

        private static HttpWebResponse PostLogin(string baseURL, string loginParams, CookieCollection parCookie)
        {
            string formUrl = baseURL + "UmbracoApi/Authentication/PostLogin ";
            HttpWebRequest req = (HttpWebRequest)HttpWebRequest.Create(formUrl);
            req.ContentType = "text/json";
            req.Method = "POST";
            req.CookieContainer = new CookieContainer();
            req.AllowAutoRedirect = false;
            using (StreamWriter sw = new StreamWriter(req.GetRequestStream()))
            {
                sw.Write(loginParams);
                sw.Flush();
                sw.Close();
            }
            HttpWebResponse resp = (HttpWebResponse)req.GetResponse();
            parCookie = resp.Cookies;
            string pageSource;
            using (StreamReader sr = new StreamReader(resp.GetResponseStream()))
            {
                pageSource = sr.ReadToEnd();
            }
            Console.Write(pageSource);
            return resp;
        }
    
Please Sign in or register to post replies

Write your reply to:

Draft