There is a MVC project and a separate WebApi project. Access to the database is fully realized through WebApi (including authorization and authentication). That is, in this case, MVC is a client, WebApi is a server.

There was a question how to correctly implement authorization and authentication in the MVC project (on the client side). I read a lot how it is implemented in WebApi (via a token), but I can’t understand how to correctly use this token in MVC.

To make a wrapper to each request? I also don’t know how to define a user role in MVC. Maybe there is some possibility to remake the standard MVC authorization methods for working with a token? Will the Autorize attributes Autorize on the MVC client side? Please poke into some kind of example of such an implementation if possible, or tell me how best to implement it.

  • Asp.net identity is everything - Divannich Analyst
  • What do you mean by "everything is"? Can a more detailed answer? - P_Soltys
  • In ASP.NET Identity, the infrastructure for working with users and roles is already defined. There are methods for generating and verifying tokens (in case of changing the password or recovering it). It is not clear that you can not. And why do you think MVC is a client side? Requests also come and are processed on the server - Divanny Analyst
  • Perhaps I incorrectly explained. So I have two separate projects. One of them is WebApi. Only he communicates with the database. MVC - communicates with the database only via Web Api. The ASP.NET Identity implementation embedded in MVC provides for communication with the database directly. And I need ONLY what would be through Web Api. - P_Soltys
  • It doesn’t matter whether the DB is accessed or not, there may be another task, for example, working with the cache - Divanny Analitik

0