Frage

War es hilfreich?

Lösung

You wouldn't use the AntiForgeryToken with the service itself. It's actually quite simple if you are using MVC and the C# implementation of ServiceStack. Here is an example of how I would do it with C# and MVC for a login service.

[ValidateAntiForgeryToken]
public ActionResult Login(LoginModel model)
{
    var client = new JsonServiceClient("http://host/api/");
    var response = client.Post(model);
    return this.View(response);
}

I hope this helps. With limited information on how you are trying to use it, it's hard to give a definitive answer.

EDIT/ADDED:

The AntiForgeryToken is really an MVC feature to be used within the controller not on the REST service. I don't think this would translate well.

If you wanted to use the AntiForgeryToken, you would do all of your calls (ajax or not) through your controller and let the controller's action do the talking to the service. If you needed to call the service directly from the front-end, you would pass over a unique token that you could store on the service/db side of things that would be passed in the headers and verified on the service side of things.

Lizenziert unter: CC-BY-SA mit Zuschreibung
Nicht verbunden mit StackOverflow
scroll top