Answer the question
In order to leave comments, you need to log in
Three questions about building a multi-platform service?
Good time,
I think that many will be interested to know the answers.
initial data : some functionality is provided to the user on different platforms, i.e. there is a website, there is a desktop application, there is a mobile application. Well, for example, trite: TODO list. Somewhere the functionality is duplicated, i.e. you can add a task to your schedule from your phone, or go to the site, or from the desktop version. Some features are only on one platform. It is clear that since the data must be merged into one place, synchronized, there is a server with the rest API behind all this.
What I do : I take ASP.net 5 (well, i.e. Core 1), I make a site on MVC 6 there, I put it all in Azure. I'll probably write a mobile phone on Cordova, desktop - on WPF.
Question #1: Should WebAPI (which will be pulled by all platforms, including the site) be made a separate project? Why can't you just make a couple of separate controllers for rest calls in the same MVC site that will give json?
Question #2: how to make a single authorization? I understand how rest works, and that tokens are usually used, I don’t want to pile up the wheel, for sure in ASP.net all this somehow works out of the box, i.e. a person registers on the site,
a request to WebAPI (if this is a separate project) - apparently, we take a token from the current authorized user.
request from Desktop - once we ask for a login and password, send it to WebAPI, get a token and store it on a computer? (Is this all cycling?)
Well, apparently also a mobile phone. How to do it all out of the box, beautifully?
Question #3: according to the schedule it is necessary to send mail. Do I understand correctly that a schedule is configured in Azure, which pulls some rest in my WebAPI (by the way, which one? post?), And he sends mail? There is also an issue with authorization, Azure allows you to choose either a client certificate or set a login / password.
thank!
Answer the question
In order to leave comments, you need to log in
The answers to all three questions depend on your development approach and code culture. As a tip:
#1 Having a separate backend gives you more scalability and less coupling. But why then serverside for the site? Separate methods under json are double work that has already been done in WebAPI.
#2 As an enterprise programmer, I'm not good at human authorization, but what you describe looks like a modern way of working with tokens: look towards refresh token .
#3 This will be your authorization inside the infrastructure, so do what is convenient. This method is clearly not CRUD, you can configure a separate route for such requests.
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question