Hello All,
After logging into the mvc application using authorize attribute, I am trying to call web api method which also has the Authorize attribute.
However, at this is point it is giving me unauthorized error. Why this is so ?
It should not give me such error as I have already logged into the application.
My mvc application and web api are in 2 different projects.
Any help on this appreciated !
MVC Login Controller
[Authorize]
public class AccountController : Controller
{
[HttpPost]
[AllowAnonymous]
[ValidateAntiForgeryToken]
public async Task<ActionResult> Login(LoginViewModel model, string returnUrl)
{
if (!ModelState.IsValid)
{
return View(model);
}
// This doesn't count login failures towards account lockout
// To enable password failures to trigger account lockout, change to shouldLockout: true
var result = await SignInManager.PasswordSignInAsync(model.Email, model.Password, model.RememberMe, shouldLockout: false);
switch (result)
{
case SignInStatus.Success:
return RedirectToLocal(returnUrl);
case SignInStatus.LockedOut:
return View("Lockout");
case SignInStatus.RequiresVerification:
return RedirectToAction("SendCode", new { ReturnUrl = returnUrl, RememberMe = model.RememberMe });
case SignInStatus.Failure:
default:
ModelState.AddModelError("", "Invalid login attempt.");
return View(model);
}
}
}Calling WebApi method from MVC controller
public ActionResult CallWebAPI()
{
try
{
HttpClient client = new HttpClient();
Uri baseAddress = new Uri("http://localhost/WebAPI/api/values");
client.BaseAddress = baseAddress;
client.DefaultRequestHeaders.Accept.Clear();
var response = client.GetAsync(baseAddress).Result;
if (response != null)
{
String err = response.Content.ReadAsStringAsync().Result;
TempData["key"] = err;
}
return RedirectToAction("Index", "Home");
}
catch (Exception ex)
{
throw ex;
}
}Web API controller
[Authorize]
public class ValuesController : ApiController
{
// GET api/values
public IEnumerable<string> Get()
{
return new string[] { "value1", "value2" };
}
}