How to Authenticate a user using a remote API?
I have an MVC website which uses an API to authenticate the user, so when
the user tries to log in, my server will redirect the login information to
my api server in order to verify if the login was successful. If it is,
the user is able to enter the "private" section of the website.
All I want to do is verify with the API if the user is registered in the
application and which type of user it is (admin or regular user).
Depending on the outcome, we would be allowed or not to see some pages.
I am wondering how to do that and I hope you can clarify some things for me.
My first option would be to use Forms authentication and its
infrastructure and just change the way the server checks the credentials
(verifying with the API instead of a DB). Is that possible?
If this is not possible, can I use the method
Application_AuthenticateRequest(object sender, EventArgs e) in my
global.asax Or do I need to create my own IHttpModule?
No comments:
Post a Comment