Web API – authenticate with bearer token
What you need to do is follow these steps
- Create a Web API project with Individual User Accounts Authentication.
- Now, you will have all ready to use API's for Register, change password, as well as API endpoint to generate token for a user.
- Create another project but this time it is MVC with No Authentication in same solution.
well this will be our architecture
This is API controller
[Authorize]
public class ValuesController : ApiController
{
[HttpGet]
public IEnumerable<string> Get()
{
return new string[] { "values1", "values2" };
}
}
This is your MVC controller
public class MVCValuesController : Controller
{
HttpClient client;
// web api Url
string url = string.Format("http://localhost:60143/api/Values");
string bearerToken = string.Format("bearer token from web api");
public MVCValuesController()
{
client = new HttpClient();
client.BaseAddress = new Uri(url);
client.DefaultRequestHeaders.Accept.Clear();
client.DefaultRequestHeaders.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json"));
client.DefaultRequestHeaders.Accept.Add("Authorization", "Bearer " + bearerToken);
}
public ActionResult GetValues()
{
HttpResponseMessage responseMessage = client.Get(url);
if (responseMessage.IsSuccessStatusCode)
{
var responseData = responseMessage.Content.ReadAsStringAsync().Result;
var jsonResponse = JsonConvert.DeserializeObject<List<string>>(responseData);
return View(jsonResponse);
}
return View("Error");
}
}
I have not used async here, but you can do it. and also you need to start both of your projects when you run it. right click on solution and click Set Start Up projects
then you can select multiple projects and set action as Start
.
public class MVCAccountController : Controller
{
HttpClient client;
// web api Url
string url = string.Format("http://localhost:60143/");
//string bearerToken = string.Format("bearer token from web api");
public MVCValuesController()
{
client = new HttpClient();
client.BaseAddress = new Uri(url);
client.DefaultRequestHeaders.Accept.Clear();
client.DefaultRequestHeaders.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json"));
// just adding a JObject you can create a class
JObject tokenJobject = new JObject(
new JProperty("Email", "[email protected]"),
new JProperty("Password", "Pass123"));
new JProperty("ConfirmPassword", "Pass123"));
HttpContent baseContent = new StringContent(tokenJobject.ToString(), Encoding.UTF8, "application/json");
//client.DefaultRequestHeaders.Accept.Add("Authorization", "Bearer " + bearerToken);
}
public async Task<ActionResult> GetValues()
{
string requestUri = string.Format("api/Account/Register");
HttpResponseMessage responseMessage = await client.PostAsync(requestUri, baseContent);
if (responseMessage.IsSuccessStatusCode)
{
var responseData = responseMessage.Content.ReadAsStringAsync();
var jsonResponse = JsonConvert.DeserializeObject<string>(responseData);
return View(jsonResponse);
}
return View("Error");
}
}
public class MVCValuesController : Controller
{
HttpClient client;
// web api Url
string url = string.Format("http://localhost:60143/api/Values");
string bearerToken = string.Format("bearer token from web api");
public MVCValuesController()
{
client = new HttpClient();
client.BaseAddress = new Uri(url);
client.DefaultRequestHeaders.Accept.Clear();
client.DefaultRequestHeaders.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json"));
client.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", bearerToken);
}
public ActionResult GetValues()
{
HttpResponseMessage responseMessage = client.Get(url);
if (responseMessage.IsSuccessStatusCode)
{
var responseData = responseMessage.Content.ReadAsStringAsync().Result;
var jsonResponse = JsonConvert.DeserializeObject<List<string>>(responseData);
return View(jsonResponse);
}
return View("Error");
}
}