Last post Jun 05, 2014 02:43 PM by Parmezana
Jun 05, 2014 01:21 PM|Parmezana|LINK
To start off, not an experienced developer, have done some projects in the past, but the past is way back in the past.
For the past year I've had an obsession to actually manage and develop a specific application that came up as an idea, but my inexperience has kept me a year down the way still trying to figure how to make the initial project configuration and breakdown having
lost sleep and hope several times and often putting me off for the idea for a while.
Past the intro, I am trying to develop a solution that requires Authentication and will be accessed both by web browsers and by developped apps through api.
I recently came across this tutorial:
which I followed through and hoped to start shaping out from.
When I tried to test the exposed api's with a windows phone app, obviously I could call on the non [Authorize] ones, but when it came to test with the Secure ones, I realized I had no Idea how to add phone app authentication to my project.
looking around for answers, I came to the conclusion that even though you can incorporate APIs with your MVC web application, you can only have Forms authentication, or create the same project with Web API and have Basic Authentication through Json, but
no forms. Any attempts to follow advanced custom authentication tecniques tutorials came out fruitless as they:
I am hoping someone can prove this conclusion wrong and somehow, I can incorporate both authentication methods
with the out of the box tools.
If not, I am pretty sure there's a lot of people utilizing this same architecture and I would really really appreciate someone to explain how to set up my solution in order for this to work and be manageable during development.
I also thought about using 2 projects (one API and one MVC) and each have their own authentication but I am not sure I will be able to call API from the MVC then.
don't know if this makes any sense to anyone. but I am rather desperate...
Thank you for your time,
Jun 05, 2014 02:23 PM|damienBod|LINK
This is possible. Thinktecture would be a good solution for you. They provide videos, helps and samples as well. This would work well for your requirements, but has a bit of a learning curve getting started.
https://github.com/thinktecture/Thinktecture.AuthorizationServer + IdentityServer.V2
You also have to use HTTPS, here's a link to help you:
Here are also good examples for external OAuth2 providers:
Also google for OAuth2.
hope this helps
Jun 05, 2014 02:43 PM|Parmezana|LINK
Thank you Damien,
I had come across Thinktecture before but they have so many libraries, I got totally lost!
reading through the documentation from the links you gave me, seems like you understood what I want to do, so I will put a lot of extra effort and patience in understanding them :)
I will soon reply and let you know!