I have been working on a project with ASP MVC 5 for a long time.
Now, a requirement has been added, which implies the updating of certain information in the database, in addition to the processing of other, in a routine way.
So I thought to do it by creating a ''mini api'' and using the Windows scheduled tasks, make the call periodically...
But here I had the following doubt...
How do I authenticate through an api call using the attribute Authorize
?
To this day, I have always used the Identity 2.0 extensions, for example
[Authorize(Roles = "Admin")]
public JsonResult CargarTodosLosArticulos()
{
return null;
}
and in this way validate that there is a user logged into the site, in addition to being an admin.
My intention is not to change this validation method.
Today, I am trying to make the call as follows
var request = new RestRequest(ruta);
request.AddParameter(parameterName, codigoDelfos);
var result2 = mClient.Execute<MyResponse<GetAccesoriosResponse>>(request);
if (result2.StatusCode != HttpStatusCode.OK)
{
throw new Exception("Fué imposible establecer la conexión con el servidor.");
}
Is it possible to simulate this login from a call like the one seen above?
Or do I fall into the obligation to implement a Token system to do it?
Greetings and thanks!
What you can do is create a custom authorization attribute by creating a class that extends a
AuthorizeAttribute
and overriding theAuthorizeCore
. The modification consists of passing an additional parameter to the route to indicate that it is being called from the task scheduler, if the parameter is not found then it will perform the normal validation, if the parameter is found (it must have a value or else it will be null ) then it takes the credentials from the url and performs the validation, if they are correct it returns atrue
allowing access to the method.How to use it: