C
C#6mo ago
bwca

Need authentication from MVC to WebAPI

Hi all, Can someone point me in the right direction here. I want to do something simple. I want to spin up a new .netcore8 solution. I'm going to have 2 stand-alone projects. A MVC and a WebAPI project. When deployed, both of these will be running in their own IIS instances. I need to authorize the MVC app to talk to the WebAPI app. No identity server. No 3rd party stuff. (eg no Okta/AD or anything else) This is going to be super simple, and a POC. I'm going to store the creds in each appSettings file.
Can someone point me in the right direction on either: a)A sample solution template or b)Which nuget packages do I need to install/explore? All my google searches are way to complicated for what I want to do. Thanks!
4 Replies
Pobiega
Pobiega6mo ago
Simplest solution sounds like just adding a global action filter that checks for a pre-determined header value, like a singular API key
bwca
bwca6mo ago
That's what I did. After posting this question, and doing some searching on this channel, it pointed me in the right direction. Thanks for confirming!
bwca
bwca6mo ago
For completeness, in case anyone else is interested, I found this gem. (no idea who this is, but, it worked great) https://github.com/Elfocrash/L2Proxy/blob/7a5b321f2a9403188f74f78ed9b9b72f7de565f1/L2Proxy/Auth/ApiKeyAttribute.cs
GitHub
L2Proxy/L2Proxy/Auth/ApiKeyAttribute.cs at 7a5b321f2a9403188f74f78e...
A simple MITM Proxy for Lineage 2. Contribute to Elfocrash/L2Proxy development by creating an account on GitHub.
bwca
bwca6mo ago
[AttributeUsage(AttributeTargets.Class)] public class ApiKeyAttribute : Attribute, IAsyncActionFilter { private const string APIKEYNAME = "ApiKey"; public async Task OnActionExecutionAsync(ActionExecutingContext context, ActionExecutionDelegate next) { if (!context.HttpContext.Request.Headers.TryGetValue("x-api-key", out var extractedApiKey)) { context.Result = new ContentResult() { StatusCode = 401, Content = "Invalid API key" }; return; } var appSettings = context.HttpContext.RequestServices.GetRequiredService<IConfiguration>(); var apiKey = appSettings.GetValue<string>("ApiSettings:ApiKey"); if (!apiKey.Equals(extractedApiKey)) { context.Result = new ContentResult() { StatusCode = 401, Content = "Invalid API key" }; return; } await next(); } }
Want results from more Discord servers?
Add your server
More Posts
Visual Studio doesnt show errors and projectsHey, I encountered a small issue with Visual Studio Community 2022 - it doesn't show projects in solAsp.Net Core How to create PDF Product Catalog With a template with an image in the backgroundI am developing a web application with Asp.net. The application will select the products on the e-coBest Way to store data for an Discord BotHey everyone, i need some input from some experts 😉 I am trying to build an Discord Bot who gives Rjust begun learning ASP.NET Core MVC and am looking for any good material to help mei am very new to ASP.Net so am just looking for some beginner friendly resources to begin properly lHello. I am facing an issue with null exception after calling OnPost method in my razor pages site.When i call method OnGet i load all of the information about property. public void OnGet(int✅ hey. im new to learning asp.net and was wondering if anyone had any suggestions as where to start?just any ideas of things to do/ things to watch would be great!Measuring sub-millisecond execution time with Methodtimer.FodyI am using https://github.com/Fody/MethodTimer to measure code execution time. The function I am try✅ How to SimplifyI have this https://gist.github.com/IXLLEGACYIXL/399c51cf0341188bdc4e02a820c34ce0 I need the generic✅ Blazorserver - Value after manual db-update not changing after new fetchHello, I setup a blazorserver project and implemented a db connection and wanted to load user data.How do I using Roslyn with correct version of .net# How do I using Roslyn with correct version of .net Hello I'm new to C# and roslyn usage, I'm tryi