I have two web applications (front-end with knockout.js and backend with web api using asp.net 5 with mvc6). I have implemented authentication in web api and it works fine while I view it locally. Both local passwords and an external login with a Microsoft account are available.
Now I want to access the web api from the knockout.js interface, and I'm not sure what to return to the interface after calling ajax (for password based authentication) and external authentication.
My code for Startup.Configure is
public void Configure(IApplicationBuilder app, IHostingEnvironment env, ILoggerFactory loggerFactory) { loggerFactory.MinimumLevel = LogLevel.Information; loggerFactory.AddConsole(); app.UseCors(policy=>policy.AllowAnyHeader().AllowAnyMethod().AllowAnyOrigin()); app.UseCookieAuthentication(options => { options.LoginPath = "/account/login"; options.AuthenticationScheme = "Cookies"; options.AutomaticAuthentication = true; }); app.UseMicrosoftAccountAuthentication(options => { options.ClientId = configuration["Auth:Microsoft:ClientId"]; options.ClientSecret = configuration["Auth:Microsoft:ClientSecret"]; options.AuthenticationScheme = "Microsoft"; options.SignInScheme = "Cookies"; }); app.UseIdentity(); app.UseMvcWithDefaultRoute(); }
What's in the account controller
[HttpPost] [AllowAnonymous] public async Task<IActionResult> Login(LoginViewModel model, string returnUrl = null) { if (ModelState.IsValid) { var result = await signInManager.PasswordSignInAsync(model.email, model.password, model.rememberMe, false); if (result.Succeeded) return Ok(); var parsedResult = new FailedSignInResult { isLockedOut = result.IsLockedOut, isNotAllowed = result.IsNotAllowed, requireTwoFactor = result.RequiresTwoFactor }; return FailWith(parsedResult,"Error authenticating account"); } return FailWith(ModelState, "Model invalid"); } [AllowAnonymous] public IActionResult External(string provider) { var props = new AuthenticationProperties { RedirectUri = "/signin-microsoft" }; return new ChallengeResult(provider, props); }
I looked through a lot of posts about this, and there are several conversations about tokens, but I donโt know how it fits here. Some other posts seem to answer the question about previous versions of ASP.NET, but not Asp.net 5. Any links related to this time will be appreciated.
source share