Reputation: 1663
WebApi Controller Lifecycle
So, here's the deal.
I have a WebApi with a number of Controllers. I have an Identity Server configured to to Authentication. This all works.
When I make a call on the API and I pass the appropriate token, if I put a breakpoint in any of the Actions of the Controller, the User object is properly populated.
Now, the code that the API Actions execute needs data related to the authenticated user. If I attempt to execute this code in the constructor of the Controller my code fails because User is not yet properly populated.
So, to my question: is there some element of the Controller's lifecycle, that I have yet to discover, that will allow me to execute code for every call on the Controller (like it would in the constructor) but where the User object has been properly populated?
Upvotes: 1
Views: 3726
Answers (2)
Reputation: 7285
You can add some kind of token(encrypted UserId/Guid) in the header. You can use the header variable/token to get the User object in the controller side.
Upvotes: 0
Reputation: 28747
The User is only assigned well after the controller is created. There are no events on ApiControllers that you can handle to do that. The most common way to this is to extract a method that retrieves the extra information and call it in every action
Upvotes: 1
Related Questions
- .net webapi OAuth2
- ASP.NET MVC 5 and WebApi 2 Authentication
- Correct login process for WebApi and OAuth
- Web API controller and MVC controller - Authentication
- Cannot understand MVC5 + WebApi2 Authorization
- Authentication for MVC4 Web Api
- WebApi and MVC controllers
- Where do I handle custom authentication and authorization in webapi?
- WebApi and Controller Authentication
- Implementation of two legged OAuth 2.0 for WebApi