How do you implement authentication in servicestack.net

StackOverflow https://stackoverflow.com/questions/5865086

Question

I'm investigating servicestack.net - but it's examples and articles don't seem to cover authentication - is this something handled by servicestack.net - and if so how?

In particular I'm interested in implementing support for:

  • OAuth (So being able to inspect the raw request and validate it/retrieve the associated user info and associate with the request prior to passing it onto servicestack.net for processing).
  • Session/cookie based authentication (so allowing for Ajax clients which already have a valid ASP.Net session to use that for authentication, instead of needing to explicitly pass login and password details to obtain a session token suitable for submitting with subsequent requests).

Could someone point me in the direction of documentation/examples that demonstrate authentication/security when using the ServiceStack.Net framework.

Was it helpful?

Solution

Edit: There is now a new Authentication provider model in ServiceStack with the following built-in providers:

  • Credentials - For authenticating with username/password credentials. e.g. Form Auth
  • Basic Auth - Allowing users to authenticate with Basic Authentication
  • Twitter OAuth - Allow users to Register and Authenticate with Twitter
  • Facebook OAuth - Allow users to Register and Authenticate with Facebook

The new auth provider model is entirely optional and is a user-level library built on top of ServiceStack's existing Request / Response filters.

For more info on how to create your own check this thread for authentication options in ServiceStack.

https://groups.google.com/d/topic/servicestack/U3XH9h7T4K0/discussion

Basically you can use Request filters to intercept the request or a base class to add generic validation logic. The thread contains examples of both options.

Alternatively you can host ServiceStack together with another ASP.NET web framework so you can use its built-in auth provider, and just validate a valid user session in ServiceStack using Request Filters and cookies.

Here's an example of implementing HTTP Basic Auth with Request filters

Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow
scroll top