Geek Answers Handbook

Cross-Platform ServiceStack Authentication

What is the best way to architect the next authentication solution?

I have a standalone (not integrated with MVC) service level ServiceStack REST. This service is the entry point to all my data. Data is not stored on the client.

I have several clients (ASP.Net MVC 4 website, MonoTouch application, MonoDroid application, Silverlight application, MonoMac application, etc.).

I would like to provide authentication (Facebook, Twitter, etc.) at the service level, including storing users in MongoDBAuthRepository, but allow clients to provide a login interface (do I need this?). For example, for an MVC site, I would like to integrate the remote ServiceStack authentication service (including Facebook, Twitter) with the MVC authentication system. It seems that the actual authentication should be done by the service side, but the client side needs to keep the authentication response.

I read the wiki, watched SocialBootstrap and read the forum, but I'm still confused about how this should work in a distributed way.

+8
authentication servicestack
source share
1 answer

For OAuth options, such as Twitter + Facebook, your authentication must happen in the browser, as each of them requires a redirect from its respected auth provider to receive trusted verification from each user. Some mobile apps do this by embedding a browser widget for Twitter + FB Auth.

As soon as a user authenticates with Twitter + Facebook and credentials in the same completed session, ServiceStack AuthProviders automatically merges all Auth data into one account. Thus, later you will be able to log in with 1 auth provider, but get access to information accessible by all 3. The SocialBootstrapApi project serves as an example of this.

+5
source share

More articles:


All Articles