Dear Team I am just starting this wonderful module for one of my project
How to give authorization generated to API Controllers ?
For example,
before the user calls, he has to login and get the session id before he proceeds to call other methods
Would like to achieve something like this ?
<a class="postlink" href="http://www.asp.net/web-api/overview/security/individual-accounts-in-web-api">http://www.asp.net/web-api/overview/sec ... in-web-api</a>
3 Answer(s)
-
0
Hi Hasan,
Thank you for interested in this project.
ABP has AbpAuthorize attribute for authorization that is described in this document: <a class="postlink" href="http://www.aspnetboilerplate.com/Pages/Documents/Authorization">http://www.aspnetboilerplate.com/Pages/ ... horization</a>.
ABP defines authorization as abstract. module-zero (<a class="postlink" href="https://github.com/aspnetboilerplate/module-zero">https://github.com/aspnetboilerplate/module-zero</a>) implements it using ASP.NET Identity Framework. There is a sample project in repository. It show usage of login form and authorization. You can check it and documentation to accomplish what you want. I'm continueing to documentation for module-zero.
Beside that, you can also check ASP.NET Zero project (which is UI layer for ABP & module-zero): <a class="postlink" href="http://www.aspnetzero.com/">http://www.aspnetzero.com/</a> But it's commerical, not open source. If you will create a commerical application, this project can help you.
-
0
Dear Hikalkan
Thanks for your reply.
For my case, I will have to create a API Controller by myself and use the APIauthorize attribute
Please clarify
-
0
Yes, you can create Web API controllers and add ASP.NET's standard security mechanism if you don't want to use ABP's authorization system.
Thanks.