Last post Aug 23, 2018 08:32 AM by Nan Yu
Aug 16, 2018 03:46 AM|Mahantesh Ambiger|LINK
I am developing a .NET MVC web app where user will enter user name and password in the log in page. I call a token based authentication web api to validate the credentials. The api returns me access token along with its expiry date/time if the user already
registered and entered valid credentials. My questions are,
Aug 17, 2018 04:44 AM|Nan Yu|LINK
I am developing a .NET MVC web app where user will enter user name and password in the log in page. I call a token based authentication web api to validate the credentials.
Which flow you are using ? Do you use own login page and OAuth 2.0 Resource Owner Password Credential Flow ?
Please explain more about that .
Aug 17, 2018 06:31 AM|Mahantesh Ambiger|LINK
Thanks for the reply Nan Yu.
My api is implemented in the same lines as in the links you have given in your reply.
My question is, I am developing a .NET MVC web app which has login action which will send the user entered user name and password to the api. Api sends back the access token if the credentials are valid. What is the mechanism / logic to be followed when
I redirect user to some other action method which is decorated with Authorize attribute. Basically, I want to know how to say that the current user is authenticated so that Authorize attribute lets the user access the action/view.
Please let me know if you need any other details from me.
Aug 23, 2018 08:32 AM|Nan Yu|LINK
Hi Mahantesh ,
After web api side validate the user credential , it will send back ID Token and Access Token(if you request api access) to MVC client , MVC should validates the Identity token and uses it to create a local Authentication cookie, so the user becomes authenticated
in the app.