How to implement custom authentication logic in ASP .NET MVC 5?

S

stcmd042362016-07-12 11:30:17

ASP.NET

stcmd04236, 2016-07-12 11:30:17

Good afternoon! Recently started learning ASP .NET MVC5 WEB API. What the studio itself generates is not to be liked and is not needed. I googled but did not find a Russian-language normal description (I am lame with English, yes, yes, yes, I need to learn).
And so I want to do it:
For each user, a token (of openings) and a key (of closings) are issued upon registration. The token will be stored on the server in clear text. The key is in the form of a hash.
The client, using the token, composes a request in the following form:
/api/{token}/persons/{id}
In the request header, passes the hash created using the key and the query string in a certain order.
The server identifies the user by the token and also generates a hash from the query string using the user's key.
How can you implement what to read?

Reply

Answer the question

In order to leave comments, you need to log in

2 answer(s)

D

Dmitry Kovalsky, 2016-07-12
@stcmd04236

Dig around here and here .

R

Roman, 2016-07-12
@yarosroman

It is better to pass the token in the HTTP header, and sap.net webapi has an implementation of Bearer authorization