Base solution for your next web application
Open Closed

Create an API next to Web.Host #12287


User avatar
0
benjamin.edinger@synaptix.at created

Hi,

I am currently working on an ASP.NET Zero-based solution that includes a primary project named Web.Host. This project is successfully utilizing JWT-based authentication along with social login providers (e.g., Facebook, Google) configured through ABP modules.

I am attempting to add an additional API project named Web.Reports to the solution. The goal is to have Web.Reports use the same authentication mechanism as Web.Host, enabling the frontend to authenticate once and access endpoints from both Web.Host and Web.Reports seamlessly.

Best regards!


4 Answer(s)
  • User Avatar
    0
    m.aliozkaya created
    Support Team

    Hi @benjamin.edinger@synaptix.at,

    I will review the code a bit more to provide the best solution.

  • User Avatar
    0
    m.aliozkaya created
    Support Team

    Hi @benjamin.edinger@synaptix.at,

    Based on your setup, it's possible to reuse the same authentication mechanism across both Web.Hostand Web.Reports without much customization. Since the TokenAuthController is already in the Web.Core project, both APIs can leverage the same logic seamlessly.

    To achieve this, I recommend the following steps:

    • Move the AuthConfigurer class from Web.Host toWeb.Core. This will allow both Web.Host and Web.Reports to share the same authentication configuration without duplicating code.

    • In the Startup.cs of your Web.Reports project, ensure that the authentication settings mirror those of Web.Host. Specifically, copy over the configurations related to JWT authentication, authorization policies, and any other relevant middleware.

    Once this setup is complete, the same token should work seamlessly across both APIs, allowing your frontend to authenticate once and access endpoints from both projects without issues.

  • User Avatar
    0
    benjamin.edinger@synaptix.at created

    Hi @m.aliozkaya,

    Thank you for your recommendations. I followed the steps to move AuthConfigurer to Web.Core and mirrored the authentication setup in Web.Reports. However, I am still facing the following issues:

    1. Token Validation Failure:
      Tokens generated in Web.Host are not recognized in Web.Reports, resulting in 401 Unauthorized. The SecurityKey, Issuer, and Audience settings are identical in both projects, and authentication middleware is configured.

    2. WebReportsModule Dependency Issue:
      When initializing the WebReportsModule, I encounter the following error:

      Castle.MicroKernel.Handlers.HandlerException: Can't create component 'SignalRChatCommunicator' as it has dependencies to be satisfied.
      

      I do not require SignalRChatCommunicator in Web.Reports and need guidance on excluding it from the module while retaining ABP features like [AbpAuthorize], feature management, and multi-tenancy.

    3. Leveraging Multi-Tenancy and ABP Features:
      What is the recommended approach to enable multi-tenancy and other ABP features like feature management in the Web.Reports project while keeping it independent of Web.Host? Are there specific configurations or dependencies required to share these capabilities across projects?

    Could you provide guidance on synchronizing token validation across APIs and properly configuring WebReportsModule to enable ABP features without unnecessary dependencies?

  • User Avatar
    0
    ismcagdas created
    Support Team

    Hi benjamin,

    Is it possible for you to share your project with us via email (info@aspnetzero.com) ? We can check these problems for you.