Base solution for your next web application
Open Closed

Call Services from Web Api Layer? #241


User avatar
0
ecairncross created

Hi There,

First, thanks for a fantastic framework!

I'm busy trying to set up an application, but I'm using claims authorization. This requires that I apply [Authorize] to my methods in the WebApi project, but since the API is Dynamically generated, I'm not sure how to do this.

I've tried creating web api controllers(using AbpWebApiController) and securing the methods like that, but how do I then call the services using constructor injection? Is this possible? I basically just want to be able to call the Application layer services from the Web Api layer, but I'm not sure how to do this, since I'm struggling to resolve the App Service interface from the Controller(Web Api is looking for a default constructor, and when I use IocManager.Instance.IocContainer.Resolve, the services don't seem to work).

Any help would be greatly appreciated...

Thanks!


2 Answer(s)
  • User Avatar
    0
    daws created

    I'm not sure to understand but if you want to use claims authorization on your webAPI calls, you should not inject [Authorize] on WebAPI Project but in each method of Services that implements "IApplicationService".

    Something like :

    public class TesttAppService : ApplicationService, ITestAppService
        {
    // repositories ...
    
    // Constructor ...
    
            #region Functions
    
            [AbpAuthorize]
            public List<string> GetValues(SearchDto Search)
            {
                ...
    			
                return values;
            }
    

    doc here <a class="postlink" href="http://www.aspnetboilerplate.com/Pages/Documents/Authorization">http://www.aspnetboilerplate.com/Pages/ ... horization</a>

  • User Avatar
    0
    hikalkan created
    Support Team

    Hi,

    For your first question:

    ...I'm using claims authorization. This requires that I apply [Authorize] to my methods in the WebApi project...

    I've no much experience on claims auth. If you really need to add [Authorize] then you can create regular web api controllers (instead of dynamic). But ABP has also auth system, you can check it. If you're using module-zero, you can use it easier.

    ...how do I then call the services using constructor injection...

    Surely, it's possible, just inject your services/repositories into api controller. Just derive your api controller from AbpApiController class, that's all.