Last post Apr 01, 2019 06:30 AM by Brando ZWZ
Mar 31, 2019 09:53 PM|Maor.Busk|LINK
Apr 01, 2019 06:30 AM|Brando ZWZ|LINK
1. Where authentication should be implemented, i mean there is an obvious need to authenticate at the API</div> <div>to make sure onlt authenticated users are accessing the service, but does that mean i don't have to authenticate at the MVC application? like
when a user logs in at the MVC UI, he is actually using a request to the API and when logged in is being redirected to the page he requested. Should i authenticate twice?
In my opinion, this is according to your web application architecture.
Normally, we will have two authentication , one for MVC and another for web api. We will not let user authenticate twice in the web application. We could get the user credential or use application level credential to access the web api.
view. Does that mean that there is no logic in the controllers in the MVC application? since we anyway make reuests to the service in the view using Ajax. And if so, why do we need the backend side of the MVC controllers like validating model and returning
a friendly "OK" or "Not Found" messages? if everything somes from the Web API anyway?
You could also get the data from web api in MVC controller. By using MVC controller we could use MVC razor engin and controller feature to build the web application more eaisly.
Why do we need both frontend Ajax and also backend MVC controllers to retrieve or savedata to and from a database in case of a Web API service, serving an MVC application?
This is also according to your web application architecture. You could get the data by using ajax or using controller.
Normally, the reason why we use web api is the web api will be a data center which allow multiple forent-end application to get the data. Like Angular application , win form application, or something else. Your MVC project is also some part of the froent-end