I am planning to have both MVC and WEB API controllers in the same project. How do I separate those controllers when they are invoked from client application like angular. Whats the best preferred way to separate those (by verb/method name). Thank you.
Suppose you are requesting a MVC index ActionResult of controller named Home then the request will be like
http://yourdomain.com/Home/index.
and if you requesting a web api Get method which controller name is Service then request will be like this
http://yourdomain.com/api/Service
Related
i need to handle my authorization in my project
my project contains 5 libraries (DAL+COMMON+SERVICE+API+UI)
my UI project is accomplised by mvc and when i need to view partial view i request controller in mvc to return me partial view and when i need to add new item i call web api directly from my html so some times i called controller in mvc and sometimes i need to call web api from html using ajax call ,
i want to know where i will put my security permission in (UI) or in (API)
I would make sure that both your API and MVC layer are protected.
You can protect all controllers with some sort of Authorization, depending on how you set up your project to begin with.
If the API is part of the same MVC project then it can use the same authorization system like the MVC side of things.
If your API is completely independent and functions on its own then you can use something like IdentityServer, to protect it with OAuth2.
I currently have an ASP.NET MVC and ASP.NET WEB API 2 project (both types of controllers are included in the same project).
I want to ensure that a user cannot directly make a call to the Web Api and get raw data (such as http://domain/api/myaction). However, the Api methods should have the ability to be called by jquery via AJAX, and MVC Controller Actions should also be able to call the Web Api Actions (in cases where the initial View should be rendered with some data that came from the API).
What is the best approach to do something like this, or am I looking at this the wrong way?
There is no difference between Ajax call and "direct" call.
What you should do in any case of actions controller, is validate the request via token or whatever authentication method you have established.
If you are using Microsoft authentication you only need to add the [Authorize] tag above your controller/action.
https://msdn.microsoft.com/en-us/library/system.web.mvc.authorizeattribute(v=vs.118).aspx
how to create a web application using the ASP.NET Web API 2 project template and do some data operations like reading the data from the database and calling the Web API Controller method in the MVC Controller and call the adjacent view? any resources for that? I found one but it doesn;t go into much detail
http://www.c-sharpcorner.com/UploadFile/4b0136/integrating-Asp-Net-web-api-with-mvc-basic-infrastructure-by/
The below example provides a detailed explanation on how to call WebApi from a C# app, you can follow same for the asp.net mvc application also
http://www.asp.net/web-api/overview/advanced/calling-a-web-api-from-a-net-client
I am very new to MVC, My requirement is to develop application using Web Api 2 ,Asp.net identity ,Entity framework code first method. Can i put my web api and mvc in same project? can i generate api controller and controller from single model class using identity? I did a lot of search for this but i din't get perfect solution.
Thanks in advance
When I create a new ASP.NET MVC 4.0 project e.g. Single Page App or Mobile etc... they all have Controller classes inheriting from ApiController.
I do not need to expose a web service to someone else. I just want to run a public website with a private webapplication if logged in. I do not want ApiController but I want a Single Page App.
Why have they done it that way?
WebApi does not necessarily imply that you are creating a web service for someone else. Instead, when you are developing a single page app, you would use the WebApi controllers to deal with getting/posting data via ajax.
There is nothing stopping you from using regular controllers, but the WebApi is well suited for SPA. See any of the online tutorials where this technique is used.
It sounds like you want to create an Mvc4 Web Application using the Internet Application project template. This template uses forms authentication and creates controllers that inherit from System.Web.Mvc.Controller. If you are using Visual Studio 2012 then this template is installed (along with a handful of others including the Api Web template).
Right click on your controllers folder -> Add -> Controller and then choose an MVC controller from the template drop down. You don't have to use an API Controller.
If you think of what a SPA is, it's essentially an HTML page that uses JavaScript to get data from a WebAPI or some other web service. Like Bort said, web API calls are very well suited for SPA.
Personally, for a single page app, before they added the SPA template in Update 1 I'd just create a static .html page and make RESTful calls into my WebAPI controllers.