移动应用程序-使用ASP.NET进行身份验证和授权 [英] Mobile app - Authentication and authorization with ASP.NET
问题描述
我当时正在考虑开发与旧版Web App集成在一起的移动应用程序.
I was thinking in develop a mobile app, integrated with and old Web App.
我的第一个想法是使用PhoneGap(具有VS 2013的新支持)和REST WebApi服务.
My first idea is use PhoneGap (with the new support on VS 2013) and REST WebApi Service.
这个想法是让我的Web应用程序具有注册,登录等(使用ASP.NET标识).以及具有注册,登录等功能的移动应用程序(使用包装程序或带有令牌身份验证的ASP.NET Identity之类的东西)基本上将Web应用程序的功能反映在我的移动应用程序上(仅在身份验证和授权方面有所不同).
The idea is to have my web app with registration, login, etc (using ASP.NET Identity). And the Mobile app with registration, login, etc (using a wrapper or something like ASP.NET Identity with token authentication) Basically mirror the functionality of the web app on my mobile app (only with the authentication and authorization differences).
到目前为止一切都很好.
So far so good.
但是在网上搜索时,找不到适合与我的asp.net身份模块集成的好示例.目前,我知道移动应用程序不支持cookie,因此该想法是使用令牌身份验证".但是我找不到一个很好的例子来实现这一点并补充我的Web应用程序用户数据库.
But searching on the net I don't find any good example to integrate with my asp.net identity module. At the moment I know the mobile App's doesn't support cookie, so the idea is use the "token authentication". But I cannot find a good example to implement this and complement with my web app user database.
有一个像我的要求一样的教程或示例项目吗?开发此方法的最佳方法是什么?
There is a tutorial or sample project like my requirement? And what is the best approach to develop this?
谢谢.
推荐答案
我遇到过这种情况,但是我选择使用Xamarin for iOS构建客户端.我假设您想要一些动手的示例,所以这里是:
I have come across this exact scenario, but I chose to build the client using Xamarin for iOS. I am assuming you want some hands-on examples, so here they are:
1.在移动应用上永久存储帐户
https://components.xamarin.com/view/xamarin.auth
2.客户端包装程序(使其成为可移植类库)
2. The Client Wrapper (make this a Portable Class Library)
https://github.com/nbusy/NBusy.SDK/tree/master/src/NBusy.Client
基本上,登录时,AccountStore将令牌(无论您在服务器端使用的API种类,即基本身份验证,承载令牌等)都保存在本地加密存储中,并且由客户端使用每次对API进行调用时都使用PCL.
Basically, when you login, the AccountStore keeps the token (whatever kind you are using on the server side for the API, i.e. Basic Authentication, Bearer Token, etc.) on a local encrypted storage and it is used by the Client PCL on every call made to the API.
我对此有完整的工作解决方案,但无法将其公开.我希望这些提示能帮助您找到正确的解决方案.
I have the full working solution for this but I cannot make it public. I hope these hints will help you towards finding the right solution.
这篇关于移动应用程序-使用ASP.NET进行身份验证和授权的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
