WebApi and Controller Authentication

Question

I've currently got an MVC4 site running with custom user authentication (we eventually set FormsAuthentication.SetAuthCookie) and everything works fine.

I want to move from the current setup and use a new Web API to serve the data in a REST format

my question is - using a Web API what is the best way to check if a user is logged in? say we want to just expose the Web API to another device, how could I control a user being authorized to use the API?

any help would be great!

cheers ste.

This is similar to a question raised here http://stackoverflow.com/questions/9531475/net-mvc-4-webapi-authentication — frictionlesspulley, Jan 09 '13 at 14:21

score 1 · Accepted Answer · answered Jan 09 '13 at 15:14

1

Have a look at this sample, should be exactly what you need:

http://leastprivilege.com/2012/10/23/mixing-mvc-forms-authentication-and-web-api-basic-authentication/

answered Jan 09 '13 at 15:14

leastprivilege

18,196
1
34
50

WebApi and Controller Authentication

1 Answers1