Geek Answers Handbook

Why there is no authentication to preview asp.net 5.0 - api web template -

I created a web project in the new Visual Studio 2015.

I can choose asp.net 4.6 or 5.0 Preview web api template. Old 4.6 has

but i want to use new browsing 5.0 and web api.

But there is no authentication in this template, but why?

+5
source share
3 answers

In the OWIN world, you provide the authentication you need when you need it. its new ASP.NET 5 world paradigm. "You are only provided with what you explicitly say what you need. If you don't ask for it, you won't get it." This is another example of this thinking.

Scott Guthrie calls it in a recent post:

ASP.NET 5 introduces a new HTTP request pipeline, which is modular, so you can only add the components that you need. Piping is also missing, more dependent on System.Web. By reducing pipeline overhead, your application can get better throughput and a more customizable HTTP Stack. The new pipeline is based on many Katana projects and also supports OWIN.

To configure which components are used in the pipeline, use the Configure method in your Startup class. The Configure method is used to indicate which middleware you want to use in your pipeline request. ASP.NET 5 already includes ported versions of many of the middleware from the Katana project, such as middleware for static files, authentication, and diagnostics. The following figure shows some of the features that you can add or remove to the pipeline for your project.

You can connect your protection very quickly; you just need to specify what exactly you will use.

public void Configure(IApplicationBuilder app) { // Add static files to the request pipeline. app.UseStaticFiles(); // Add cookie-based authentication to the request pipeline. app.UseIdentity(); // Add MVC and routing to the request pipeline. app.UseMvc(routes => { routes.MapRoute( name: "default", template: "{controller}/{action}/{id?}", defaults: new { controller = "Home", action = "Index" }); });
+2
source

They deliberately abandoned this, because ASP.NET no longer works. This is a complete rewrite that is no longer dependent on System.Web, which is required for previous security templates. The framework uses what they learned from OWIN, and includes this. ASP.NET 5 is the new breed of OWIN. But middleware is added in exactly the same way. Previous middleware libraries for OWIN should work in ASP.NET 5.

@Pascal, that @DavidL means that in the web application pipeline you add authentication as middleware. You do this as an extension method on IAppBuilder.

First you need to add the authentication library as a dependency in the project.json file:

 "dependencies": { "Microsoft.AspNet.Server.IIS": "1.0.0-beta4", "Microsoft.AspNet.Server.WebListener": "1.0.0-beta4", "Microsoft.AspNet.Mvc": "6.0.0-beta4", "Microsoft.AspNet.Authentication.Cookies": "1.0.0-*",

Then you should look at the examples on the official MicroSoft ASP.NET Security GitHub page

Look at the lines:

  using Microsoft.AspNet.Authentication.Cookies;

and

  app.UseCookieAuthentication(options => { options.AutomaticAuthentication = true; }); app.Run(async context => { if (string.IsNullOrEmpty(context.User.Identity.Name)) { var user = new ClaimsPrincipal(new ClaimsIdentity(new[] { new Claim(ClaimTypes.Name, "bob") })); context.Authentication.SignIn(CookieAuthenticationDefaults.AuthenticationScheme, user); context.Response.ContentType = "text/plain"; await context.Response.WriteAsync("Hello First timer"); return; } context.Response.ContentType = "text/plain"; await context.Response.WriteAsync("Hello old timer"); });

This should appear before app.UseMvc () in the MVC 6 web application. Hope this helps :)

+1
source

This is still an option when you select the mvc project template in asp.net 5. So just use the mvc template and add your api web controllers to it. In any case, the Web api and mvc use the same controllers in v5. Of course, you probably want to change some of the auth controllers to return json instead of views so that they are more suitable for web api.

MS made a lot of changes in the identification system in preparation for asp.net 5, so it makes no sense to me that they will exclude it from their templates (at least, as an option, this is what it has always been). I expect that they have not had time to update the templates yet.

From github readme:

https://github.com/aspnet/Identity

ASP.NET Identity is a new membership system for creating ASP.NET web applications. ASP.NET identifier allows you to add login functions to the application and simplifies the configuration of data about the registered user.

This project is part of ASP.NET vNext. You can find samples, documentation, and getting started instructions for ASP.NET vNext in the Home repo.

+1
source

More articles:


All Articles