Is there any way forbid to use web api services by other applications from remote pc? I want that users use site only as angular result from my iis hosting.
5 Answer(s)
-
0
Then you should Authorize your services. See docs: <a class="postlink" href="http://www.aspnetboilerplate.com/Pages/Documents/Authorization">http://www.aspnetboilerplate.com/Pages/ ... horization</a> You can use module-zero for an implementation of authorization. See sample project: <a class="postlink" href="https://github.com/aspnetboilerplate/module-zero/tree/master/sample">https://github.com/aspnetboilerplate/mo ... ter/sample</a> Documentation is coming soon for module-zero.
Do you use a login for your application?
-
0
Thank you. Yes, I set all these features. I use login too. I very like your Abp project. Thanks.
-
0
OK, I guess that I will create a startup documentation with module-zero in a few days. Thanks for using ABP :)
-
0
Hey !
In the case where we can have both logged/Anonymous users and that I want to restrict from external ips;
I think the best way is :
- an user call the website
- main page is retrieved & contains the "public user" abpzero (if not logged)
- any webapi call is marked as "[AbpAuthorize]"
Do you think this is a good idea to create one generic "public" user used by hundred/thousand of person ?
If yes, I see this way
public ActionResult Index() { if(...) // check if already logged in, otherwise login as "public user AuthenticationManager.SignIn(new AuthenticationProperties { IsPersistent = true }, loginResult.Identity); return View("~/App/Main/views/index.cshtml"); } -
0
You case is strange :) But your solution seems good for me.
