All subsequent requests to the web api (App3) are then Authenticated and allowed to be executed.
The login app then forwards the user from App1 to App2. When I call the "Login" method in my AccountController, if login is successful - it returns a Set-Cookie directive with the following name: ".Application" (this is used for authentication) This allows me to lock down the web api, so only authenticated requests get processed (using the attribute). And the login/logout/register etc is exposed via web api methods in my AccountController. In app 3, I have the usual asp.net core SignInManager and UserManager code (the same code as you get by default when you start a new MVC 6 template - only different is, it exists in my web api here). App 2 is an Angular SPA app and is the main app in the solution.App 1 is an MVC app used for authenticating a user.I have three applications in my solution, all built in asp.net core 1 MVC 6.
0 kommentar(er)
