Implement Basic Authentication In Asp.Net Web Api

Basic authentication sends additional information in every HTTP request, using basic authentication, we would pass the user’s credentials or the authentication token in the header of the HTTP request. That header information will be checked at the server side. If the information sent in header is correct then it will give 200 OK as response, if not then it will give 401 unauthorised access as response.
Following the code sample of HTTP Basic Authentication:
Step 1: Create Helper Class for Basic Authentication

using System.Linq;
using System.Net;
using System.Net.Http;
using System.Threading;
using System.Threading.Tasks;
using System.Web;
 
namespace ApiServer.Helper
{
    /// <summary>
    /// Purpose: This class is used for authencation of HTTP request by end user.
    /// </summary>
    public class BasicAuthentication : DelegatingHandler
    {
        protected async override Task<HttpResponseMessage> SendAsync(HttpRequestMessage request, CancellationToken cancellationToken)
        {
            try
            {
                ///Below Authentication Token Recieved Whenever User Communicate With HTTP POST Request
                ///This Header Information Will Be There In Every HTTP POST Request
                var authenticationToken = "9DCA8F18-C15F-44A7-8F33-63DBD363578D";
 
                ///Check Whether The Authentication Token Is Valid Or Not
                if (HttpContext.Current.Request.HttpMethod == "POST" && !request.Headers.Contains("AuthenticationToken"))
                {
                    return new HttpResponseMessage(HttpStatusCode.BadRequest)
                    {
                        Content = new StringContent("Invalid Header: Please provide valid header information.")
                    };
                }
 
                if (request.Headers.Contains("AuthenticationToken"))
                {
                    ///If User HTTP Request Header information Does Not Match With Provided Token
                    ///Then They Will Not Allows To Get Any Information In Any HTTP POST Request
                    if (request.Headers.GetValues("AuthenticationToken").FirstOrDefault() != authenticationToken)
                    {
                        return await Task.Factory.StartNew(() =>
                        {
                            return new HttpResponseMessage(HttpStatusCode.BadRequest)
                            {
                                Content = new StringContent("Invalid Security Token.")
                            };
                        });
                    }
                    else
                    {
                        return await base.SendAsync(request, cancellationToken);
                    }
                }
 
                return await base.SendAsync(request, cancellationToken);
            }
            catch (System.InvalidOperationException ex)
            {
                return new HttpResponseMessage(HttpStatusCode.BadRequest)
                {
                    Content = new StringContent(ex.Message)
                };
            }
        }
    }
}


Step 2: Register above Basic Authentication Handler in Global Class

using System;
using System.Web.Http;
 
namespace ApiServer
{
    public class WebApiApplication : System.Web.HttpApplication
    {
        protected void Application_Start()
        {
            GlobalConfiguration.Configure(WebApiConfig.Register);
 
            GlobalConfiguration.Configuration.MessageHandlers.Add(new Helper.BasicAuthentication()); // Register Handler
        }
    }
}

Comments

Post a Comment

Popular posts from this blog

How To Detect Listview Scroll State (Idle/Running) In Xamarin.Forms?

In xamarin.forms, their is no event available to check listview scroll state. So, in that case, we have to customize the Listview control in xamarin.forms. Following is the sample code to detect scroll state of listview: Portable Library:  In a portable library project, add class “CustomListview.cs”  public class CustomListview : ListView {     public CustomListview() { }     public CustomListview(ListViewCachingStrategy cachingStrategy) : base(cachingStrategy) { }     public event EventHandler<ScrollStateChangedEventArgs> ScrollStateChanged;     public static void OnScrollStateChanged(object sender, ScrollStateChangedEventArgs e)     {         var customListview = (CustomListview)sender;         customListview.ScrollStateChanged?.Invoke(customListview, e);     }     public event EventHandler<ItemTappedIOSEventArgs> ItemTa...
Read more

Generic Web Api Client Request (GET/POST)

Here i am going to explain, how to create generic web api client request, 1. It will helps you to manage all HTTP request from single class. 2. It will helps you to reduce your number of duplicate code as well. (No more repeat code for HTTP client). Use NuGet Package Manager to install the Web API Client Libraries package. From the Tools menu, select NuGet Package Manager > Package Manager Console. In the Package Manager Console (PMC), type the following command: Install-Package Microsoft.AspNet.WebApi.Client Following is the sample code for Generic HTTP request: using System; using System.Net.Http; using System.Net.Http.Headers; using System.Text; using System.Threading.Tasks; namespace ApiRequestSample {     public class GenericHttpRequest     {         protected static string HeaderName { get { return "AuthenticationToken"; } }         protected static string HeaderValue { get...
Read more

How To Upload File/Image Using Multipart/Form-Data From Client Side To Server? – Client Side (Part 2)

In this post, i am going to explain how to send mutipart/form-data from client side. A HTTP multipart request helps to send files/images and data over to a HTTP server. It is a very common approach used by browsers and any other HTTP clients to upload files to the server. using System; using System.Linq; using System.Net.Http; using Xamarin.Forms; namespace ClientApi {     public partial class MainPage : ContentPage     {         public MainPage()         {             InitializeComponent();         }         /// <summary>         /// Purpose: Post multipart data i.e. image or file         /// </summary>         protected async void SaveAttachment(byte[] attachment, string fileName, string attachmentType, string orgFileName)         {   ...
Read more