我正在将凭证发送到创建用户的API,然后通过MVC登录方法在Web API中创建令牌并返回令牌以响应MVC,现在我想将令牌存储在MVC Cookie中,然后在击中API Controller授权时再次将其发送给Web API行动。 这是我的WEB API项目中的Startup.cs类。
public class Startup
{
public static OAuthAuthorizationServerOptions OAuthOptions { get; set; }
public void Configuration(IAppBuilder app)
{
ConfigureOAuth(app);
var config = new httpconfiguration();
// config.Filters.Add(new AuthorizeAttribute());
WebApiConfig.Register(config);
app.UseWebApi(config);
}
public void ConfigureOAuth(IAppBuilder app)
{
app.UseCors(CorsOptions.AllowAll);
OAuthOptions = new OAuthAuthorizationServerOptions
{
TokenEndpointPath = new PathString("/token"),Provider = new OAuthCustomeTokenProvider(),// We will create
accessTokenExpireTimeSpan = TimeSpan.FromSeconds(40),AllowInsecureHttp = true,RefreshTokenProvider = new OAuthCustomRefreshTokenProvider() // We will create
};
app.UseOAuthAuthorizationServer(OAuthOptions);
app.UseOAuthBearerTokens(OAuthOptions);
app.UseOAuthBearerauthentication(new OAuthBearerauthenticationOptions());
}
}
我在MVC Controller中的登录方法。
[HttpPost]
public actionResult Login(UserViewModel userViewModel)
{
var client = new RestClient(url);
var request = new RestRequest("api/Users/LoginUser",Method.POST);
request.AddJsonBody(userViewModel);
var response = client.Execute<List<UserViewModel>>(request);
var jObject = JObject.Parse(response.Content);
String token = jObject.Getvalue("access_token").ToString();
return RedirectToaction("Index","Dashboard");
}
我的Web API控制器代码是
[HttpPost]
[Route("LoginUser")]
public async Task<IHttpactionResult> LoginUser(User model)
{
var request = HttpContext.Current.Request;
var tokenServiceUrl = request.Url.GetLeftPart(UriPartial.Authority) + request.ApplicationPath + Startup.OAuthOptions.TokenEndpointPath;
using (var client = new HttpClient())
{
var requestParams = new List<keyvaluepair<string,string>>
{
new keyvaluepair<string,string>("grant_type","password"),new keyvaluepair<string,string>("username",model.EmailId),string>("password",model.UserPassword)
};
var requestParamsFormUrlEncoded = new FormUrlEncodedContent(requestParams);
var tokenServiceResponse = await client.PostAsync(tokenServiceUrl,requestParamsFormUrlEncoded);
var responseString = await tokenServiceResponse.Content.ReadAsStringAsync();
var responseCode = tokenServiceResponse.StatusCode;
var responseMsg = new HttpResponseMessage(responseCode)
{
Content = new StringContent(responseString,Encoding.UTF8,"application/json")
};
return ResponseMessage(responseMsg);
}
}
我想从Web API获取员工列表 MVC控制器
[HttpGet]
public UserViewModel GetEmployeeRecord(UserViewModel param)
{
var client = new RestClient(url);
var request = new RestRequest("api/Users/GetallEmployeeList",Method.GET);
var response = client.Execute<List<UserViewModel>>(request);
var userlist = response.Data;
}
从Web API控制器获取响应。代码是
[HttpGet]
[Authorize]
[Route("GetallEmployeeList")]
public HttpResponseMessage GetallEmployeeList()
{
using (DbProjectsEntities db = new DbProjectsEntities())
{
var userlist = db.sp_GetUsersList().ToList();
HttpResponseMessage response = Request.CreateResponse(HttpStatusCode.OK,userlist);
return response;
}
}
使用授权属性时如何存储令牌以获取员工列表。 以及令牌过期时,请转到登录页面。