Hello,
I'm currently doing my Login action in MVC but i wan't to switch this to the Application Layer. My problem is HttpContext is not accessible in the Application Layer!
Anyone know a way to do it with the Application Layer?
thx in advance!
15 Answer(s)
-
0
You can access to HttpContext from application layer by defining an interface and implementing it in web layer. But.. you may doing something wrong if you need this. Do you use Module-zero? How are you logging in the application? Have you checked our new module-zero template? It has login and usable in web api and app layer also (over IAbpSession and AbpAuthorize).
-
0
I agree i must be doing something wrong! :) I wanted to use the IAuthenticationManager from the HttpContext.GetOwinContext().Authentication
I use Module-Zero from an old version updated to the newest one. I started with the Module-Zero sample in the past :)
Thx to point me out the AbpUserManager that containt the method LoginAsync!
Does it make my OWIN Context still Authentified by this method ?
-
0
Hi,
I did not exactly understand "Does it make my OWIN Context still Authentified by this method ?", sorry :)
-
0
the OWIN context is used to Login User with the MVC Controller
this is from Taskever -> AccountController
private IAuthenticationManager AuthenticationManager { get { return HttpContext.GetOwinContext().Authentication; } } private async Task SignInAsync(AbpUser user, bool isPersistent) { AuthenticationManager.SignOut(DefaultAuthenticationTypes.ExternalCookie); var identity = await _userManager.CreateIdentityAsync(user, DefaultAuthenticationTypes.ApplicationCookie); identity.AddClaim(new Claim(AbpClaimTypes.TenantId, "42")); AuthenticationManager.SignIn(new AuthenticationProperties { IsPersistent = isPersistent }, identity); }so OWIN know the user if he's connected (Logged in)
Does the WebAPI layer is doing the same thing !? Does OWIN will know my User if i go with AbpUserManager.LoginAsync ?
I'm asking this because i will use SignalR soon and it work on Owin. I want SignalR to know the current User with his current Context!
-
0
Hi,
We're using ASP.NET Identity Framework in module-zero. And it uses owin infrastructure while logging in. So, I suppose that Web API also knows it.
-
0
ok thx a lot for your answer!
-
0
How do i repeat those login line of code in WebAPI layer ?
AuthenticationManager.SignOut(DefaultAuthenticationTypes.ExternalCookie); AuthenticationManager.SignIn(new AuthenticationProperties { IsPersistent = loginModel.RememberMe }, loginResult.Identity);where the AuthenticationManager were
private IAuthenticationManager AuthenticationManager { get { return HttpContext.GetOwinContext().Authentication; } }Or is there any other way to set Remember me and owin cookies ?
-
0
I'm still waiting for answer!
-
0
Hi,
Sorry but I've no much experience with Owin+AspNetIdentityFramework. Actually, I think that's not directly related to ABP or module-zero since we're just using IdentityFramework. So, I believe you can find your answers by searching the web because I even could not understand well what you're trying.
But, I think that it is not true to sign-in/sign-out in web api layer. Because logging in to a system is related to web and it should be done in mvc project. Maybe this help you:
I created a ABP+module-zero template from <a class="postlink" href="http://www.aspnetboilerplate.com/Templates">http://www.aspnetboilerplate.com/Templates</a> Then run Update-Database command and added this api controller:
public class TestApiController : AbpApiController { public int Get() { return (int)AbpSession.GetUserId(); } }Run the application, login with default/admin/123qwe and then entered this url: <a class="postlink" href="http://localhost:6234/api/TestApi">http://localhost:6234/api/TestApi</a>
it returns 2 (user id of the admin). So this shows authentication properly works. You can also get Thread.CurrentPrincipal in same method. This shows web api properly understand when we login from mvc controller.
I hope these informations help you.
-
0
<cite>hikalkan: </cite>
But, I think that it is not true to sign-in/sign-out in web api layer. Because logging in to a system is related to web and it should be done in mvc project.
Serious? we must be a lot of people that are wrong.... a single research on AngularJS and WebAPI Authentication and you will see ton of posts...
There is 2 more post on the forum asking for the same thing... #179 <-- This one point out here and an other post #91 <-- the other post
Why not listening to people that need the Bearer Token? We are all wrong ?
I will do it by myself but... many people will ask for this feature with time ...
ABP is still pretty young and already 3 Threads for the same question and still no valid answer other than i will show you how to use MVC that is not what we are asking for... my MVC Login / Logout / Register / ForgotPassword is working pretty well but now we need to switch it to WebAPI Layer.
sorry for being angry! I doesn't want to be mean... but I wanna point out that we are a lot of people that require this functionnality
-
0
Hey GVB !
I understand your message; but I think it is a little bit aggressive.
ABP and zero module are free; hikalkan does his best to help us on the forum, in his free time . There is no obligation for him to help us on ABP & ABP module Zero. (I do not talk about ABPZero here)
Maybe that's not (yet) useful for his project to make authentication WebAPI and that's not a priority.
The community can also develop and improve the project on github since it's opensource.
And I join you; this could be a very interesting feature (WebAPI Authentification) if it's realistic :) (i'll search tomorrow about it)
Nevermind, if you implement something similar ; I might be interested :) ( And perhaps integrate it into ABP github ? )
-
0
<cite>daws: </cite>
I understand your message; but I think it is a little bit aggressive.
I must admit i was angry :( and that's why i said "sorry for being angry! "
i'm sorry for being aggressive :S dont take it personnaly seriously :) you are doing a great job and the framework is awesome ;)
I understand that may be there are other more important feature to fix or to develop
-
0
Hi,
I've also written:
Sorry but I've no much experience with Owin+AspNetIdentityFramework
So, I can not know everything. Thank you @daws you explain it very nice. ABP is open source and it's is in version 0.6.3.1. Your needs may be included in the future. But we don't say that "ABP does or will do eveything". MIT licensing says "THE SOFTWARE IS PROVIDED "AS IS...". So, I can not help you in this topic since I don't know. But we thank you if you can find a solution, implement and share it with ABP community.
Have a nice day.
-
0
And so? Do we have the solution? Also I'd like to have a login via Angular.
At the moment I have the home page working anonymous (I achieved it with a small fix. see <a class="postlink" href="https://github.com/aspnetboilerplate/module-zero-template/pull/57">https://github.com/aspnetboilerplate/mo ... te/pull/57</a>) and now I'd like to a add a popup window for login via Angular WebApi
-
0
Hi,
You can use Token Based Authentication. See <a class="postlink" href="https://aspnetzero.com/Documents/Development-Guide#token-based-authentication">https://aspnetzero.com/Documents/Develo ... entication</a>
