Will see how to correctly use one's custom token validation attribute later as I posted here but I was wondering if someone can give me some advice if I do get it right:
I need to use "something" (that token?) in my controller to figure out who the current user is (since one are not really logging in a user like you do in a normal web applicaiton with FormsAuthentication.SetAuthCookie(model.UserName, model.RememberMe);
)?
Just thought about it, what about roles based security on action method level? uuurgh...i'm lost!
In your WebApi code in the controller you will know who the callingh user is via Thread.CurrentPrincipal -- this is the same as in ASP.NET the User object.
krokonoster
Contributor
4291 Points
1352 Posts
Determine current user in Controller
Aug 20, 2012 09:40 AM|LINK
Will see how to correctly use one's custom token validation attribute later as I posted here but I was wondering if someone can give me some advice if I do get it right:
I need to use "something" (that token?) in my controller to figure out who the current user is (since one are not really logging in a user like you do in a normal web applicaiton with FormsAuthentication.SetAuthCookie(model.UserName, model.RememberMe); )?
Just thought about it, what about roles based security on action method level? uuurgh...i'm lost!
BrockAllen
All-Star
27512 Points
4895 Posts
MVP
Re: Determine current user in Controller
Aug 20, 2012 02:22 PM|LINK
In your WebApi code in the controller you will know who the callingh user is via Thread.CurrentPrincipal -- this is the same as in ASP.NET the User object.
DevelopMentor | http://www.develop.com
thinktecture | http://www.thinktecture.com/