servicestack" />
servicestack,Authentication,Authentication 如何使用ServiceStack对web浏览器请求使用基本身份验证?
我有一个使用ServiceStack构建的RESTAPI。调用REST API时,我正在使用BasicAuthentication,没有任何问题(我正在向Authentication 如何使用ServiceStack对web浏览器请求使用基本身份验证?,authentication,
servicestack,Authentication,
BasicAuthProviderAuthFeature [DefaultView("Login")]
public class SiteLoginService : EnshareServiceBase
{
public object Get(SiteLoginRequest req)
{
return new SiteLoginRequest();
}
public object Post(SiteLoginRequest req)
{
//I am trying to use the registered IAuthProvider, which is the BasicAuthProvider
var authProvider = ResolveService<IAuthProvider>();
authProvider.Authenticate(this, EnshareSession,
new ServiceStack.ServiceInterface.Auth.Auth()
{
Password = req.Password,
UserName = req.UserName
});
return HttpResult.Redirect(req.Redirect);
}
}
[Route("/login")]
public class SiteLoginRequest : IReturn<SiteLoginRequest>
{
public string Redirect { get; set; }
public string Password { get; set; }
public string UserName { get; set; }
}
[DefaultView(“登录”)]
公共类SiteLoginService:EnshareServiceBase
{
公共对象获取(SiteLoginRequest请求)
{
返回新的SiteLoginRequest();
}
公共对象发布(SiteLoginRequest请求)
{
//我正在尝试使用注册的IAuthProvider,它是BasicAuthProvider
var authProvider=ResolveService();
authProvider.Authenticate(此、EnshareSession、,
新建ServiceStack.ServiceInterface.Auth.Auth()
{
密码=请求密码,
UserName=req.UserName
});
返回HttpResult.Redirect(请求重定向);
}
}
[路由(“/login”)]
公共类SiteLoginRequest:IReturn
{
公共字符串重定向{get;set;}
公共字符串密码{get;set;}
公共字符串用户名{get;set;}
}
如何针对使用现有REST API的AuthProvider对站点用户进行正确身份验证?如果您将用户名和密码作为帖子传递,那么您可能怀疑您没有进行基本身份验证 解释如何使用JavaScript进行基本身份验证。从文章中:
function login() {
var username = document.getElementById(this.id + "-username").value;
var password = document.getElementById(this.id + "-password").value;
this.http.open("get", this.action, false, username, password);
this.http.send("");
if (http.status == 200) {
document.location = this.action;
} else {
alert("Incorrect username and/or password.");
}
return false;
}
ServiceStack还支持其他形式的身份验证,包括根据需要通过POST发送用户名和密码。如果您解释您的要求,我们可以提供一些建议。我想我还需要在AuthFeature中包含CredentialAuthProvider,它将公开/auth/credentials服务,我将表单发布到该服务
//this inherits the BasicAuthProvider and is used to authenticate the REST API calls
var myCustomAuthProvider = new CustomAuthProvider(appSettings);
var credentialsProvider = new CredentialsAuthProvider(appSettings);
container.Register<IAuthProvider>(myCustomAuthProvider);
container.Register<CredentialsAuthProvider>(credentialsProvider);
var authFeature = new AuthFeature(() => new EnshareSession(new MongoTenantRepository()),
new IAuthProvider[] {
myCustomAuthProvider,
credentialsProvider
})
/auth/credentials@继承ViewPage
@{
Layout=“AdminLayout”;
}
@LabelFor(m=>m.UserName,“登录名:”)
@Html.TextBoxFor(u=>u.UserName)
@LabelFor(m=>m.Password)
@Html.PasswordFor(m=>m.Password)
@Html.HiddenFor(m=>m.Continue)
Continue属性从其模型的Redirect属性填充到服务中。我不想使用javascript进行身份验证。我想从html表单执行一个普通的http post。注册AuthFeature时是否包含了
新的BasicAuthProvider() <form action="/auth/credentials" method="post">
<p class="entryfield">
@Html.LabelFor(m => m.UserName, "Login name:")
@Html.TextBoxFor(u => u.UserName)
</p>
<p class="entryfield">
@Html.LabelFor(m => m.Password)
@Html.PasswordFor(m => m.Password)
</p>
<input class="formbutton" type="submit" value="Login" />
</form>
HTTP/1.1 302 Found
Server: ASP.NET Development Server/10.0.0.0
Date: Wed, 30 Oct 2013 08:15:54 GMT
X-AspNet-Version: 4.0.30319
X-Powered-By: ServiceStack/3,969 Win32NT/.NET
Location: http://localhost:64944/login?redirect=%2fadmin
Set-Cookie: X-UAId=3; expires=Sun, 30-Oct-2033 08:15:54 GMT; path=/; HttpOnly
@inherits ViewPage<ServiceStack.ServiceInterface.Auth.Auth>
@{
Layout = "AdminLayout";
}
<form action="/auth/credentials" method="post">
<p class="entryfield">
@Html.LabelFor(m => m.UserName, "Login name:")
@Html.TextBoxFor(u => u.UserName)
</p>
<p class="entryfield">
@Html.LabelFor(m => m.Password)
@Html.PasswordFor(m => m.Password)
</p>
@Html.HiddenFor(m => m.Continue)
<input type="submit" value="Login" />
</form>