Tag Archives: webapi

Home / webapi
4 Posts

With a new project we have, I was tasked with working on security. Initially, I used OWIN and cookie authentication to implement a simple login and all was good. However, we wanted to remove the ability to login and have it driven by an external site redirecting a user with a token.

More Link

Client side validation is pretty handy. However, as we all know, you can’t fully trust any data sent to your server from a web client. As such, we generally duplicate validation in both the client and server side scenarios. This isn’t a big problem, but it does create a disconnect when the client validation passes, but then the server validation fails. Even in duplication, I still want server-side validation to play an integral part of the overall user experience.

More Link

In my .NET 4.5 MVC projects, I already have helper methods/extensions that let me determine if a user has access to a particular controller action. This provides a nice mechanism to hide and show buttons, hyperlinks, or other UI action elements based on the authorization attributes that have been defined on the MVC Controller.

However, this is a bit more complicated with ApiControllers.

More Link