I created MVC4 application with internet application template, added an API controller with authorize attribute.
How can I make api controller action return user specified data?
Currently I am using WebSecurity.GetUserID to get Userid, I have Userid in the data table.
After compiling the application, if I call api controller action first, I will have following error message:
You must call the "WebSecurity.InitializeDatabaseConnection" method before you call any other method of the "WebSecurity" class. This call
should be placed in an _AppStart.cshtml file in the root of your
site.
if I go to MVC controller action frist, and come to api action again, it works fine.
I am wondering how to solve this issue, and what is the best practice to handle user specified data with web api and MVC4, Thanks.
Related
I am using ASP.NET Core MVC. In my project I use Ajax in order to get some JSON data from an action on my controller. It requests data from the database, then return it as json. It works well.
I want to use role-based authentication in my ASP.NET Core MVC project.
This is my question: if I use a controller action restriction by something like [Authorize(Roles = "Admin")], will it allow anyone whose role is "Admin" to call this method? (I mean will it work without any other trouble just by logging in as Admin)
And will it disable accessing those data when the role is not "Admin"`?
I have not still add Identification to my new project and I'm new to using Ajax.
I have just tested it and it does as desired. It return 401 Unauthorized status code when the user is not authorized and 200 OK success status response code. Thanks guys for your responses.
When I created a WebAPI project, and then a MVC project. In MVC project, I run a sever https://localhost:44303/ which has a page. In this page I created a button for ajax call. I call to my WebAPI project https://localhost:44369/ (different origin), and of course I get CORS policy. I cannot get any data. But when I change the ajax call to a fake API like on the internet https://jsonplaceholder.typicode.com/todos/1, I can get data. I think the fake API and the MVC project have different origin, so CORS should prevent the ajax call. Why can I still get the data from that fake API?
They are simply accepting request from all ip
I'm having trouble authenticating users via Vue 2.0.
In Vue I have a form in which the user enters all his data and submits it via POST to a Laravel (web route) endpoint.
Then the user is created in the UserController method with the supplied data and I'm stuck at this point as I don't manage to authenticate my user after creation and redirecting him to some route (other page).
User creation goes fine...
Can someone explain me rapidly how it should work? (as I understood that I can't redirect from the controller as the data is POSTed via an ajax call).
What's the "right" way to do this as I'm afraid I'm completely mistaken :)
Thanks in advance for your help.
You would have to perform the redirection at the front end script after receiving the response from the controller method.
This is my thought as a possible solution for you:-
The authentication can be done in the controller following the creation. The controller method then need to return a JSON response indicating success.
Note: Laravel 5.3 ships with pre-built authentication controllers. RegisterController handles user registration.
The Vue script need to process the response i.e. if success, redirect to somewhere or if failed, prompt a message.
Cheers!
I am making a OAuth request to Google Contact API and want to redirect response to another page.
Is it possible without going through Controller? (I understand it will be against MVC model)
If yes then what will be my complete redirect url for another page which is in View folder. Because I have to provide it upfront on Google API Console.
What code have you tried? What data will be displayed on the view. If there's no data it will be easy.
Currently, I building my website personal (using ASP.NET MVC 3).
I want to provide some services to public by using API, finished building everything, but RESTFul does not contain on Authorization, I read this article:
http://blogs.msdn.com/b/rjacobs/archive/2010/06/14/how-to-do-api-key-verification-for-rest-services-in-net-4.aspx
But I could not use the method with ASP.NET MVC 3!!
I want the following:
1- Send Api-Keys for those who want to use my service
2- verify Domain (owner api-key == OR != owner domain) !!!! Is this possible?
You could make it a requirement that they always send their key in the requests. Then you could subclass the AuthorizeAttribute to check if the key in the request matches something in your datastore. This attribute can then be decorated on your controllers.
You can get the domain making the request using Request.UrlReferrer