AngularJS with .NET Identity (MVC) Authenthication?

1,988 views
Skip to first unread message

Jake Pettersson

unread,
Feb 10, 2014, 8:51:05 AM2/10/14
to ang...@googlegroups.com
Does anyone have any tips on how to use .Net Identity authentication with AngularJS? I'm a complete newbie to both Angular and .Net that is using the Hot Towel Angular SPA Template ( https://github.com/johnpapa/HotTowel-Angular ) as a basis for an application. The .Net views are easily configurable to redirect to a login page with the [Authorize] attribute, but I don't know how to integrate this at all with the Angular front-end. The easiest solution seems like it would be to somehow redirect the main Angular page (index.html) to the .Net Razor home page if there's no user logged in. I don't really care if this login page is in a different layout, and I don't need/want to use razor views for anything else but I want the main app to be SPA. "Great" security is not really that important either, since this application will mostly be used internally; for now I just need something that works OK.

Many thanks!

Mauro Servienti

unread,
Feb 13, 2014, 1:49:56 AM2/13/14
to ang...@googlegroups.com

Does anyone have any tips on how to use .Net Identity authentication with AngularJS? I'm a complete newbie to both Angular and .Net that is using the Hot Towel Angular SPA Template ( https://github.com/johnpapa/HotTowel-Angular ) as a basis for an application. The .Net views are easily configurable to redirect to a login page with the [Authorize] attribute, but I don't know how to integrate this at all with the Angular front-end. The easiest solution seems like it would be to somehow redirect the main Angular page (index.html) to the .Net Razor home page if there's no user logged in. I don't really care if this login page is in a different layout, and I don't need/want to use razor views for anything else but I want the main app to be SPA. "Great" security is not really that important either, since this application will mostly be used internally; for now I just need something that works OK.

[.m] we are currently using the new Asp.Net Identity engine, well we are only leveraging the power of OWIN security and not the UserManager/UserStore features, but this is another story.

We have approached it in the following manner:

-          Server side we use the Authorize attribute;

-          When a user is not authorized OWIN security redirects, exactly as FormsAuthentication does, to the login MVC route;

-          The login page is another AngularJS app, with its own lifecycle, completely separated from the “real” app;

-          If the login is successful the login-app simply redirects to “/”, MVC kicks in and the authorization starts again if everything is ok the “real” app is loaded;

-          At each request done to WebAPI the browser sends back cookies, and thus also the authentication cookies, so we can decorate even WebAPI with the Authorize attribute;

-          In this latter case if authorization fails at WebAPI requests the “real” app simply shows a message to the user;

 

Makes sense?

 

.m

 

david gonzales

unread,
Mar 27, 2014, 10:52:44 PM3/27/14
to ang...@googlegroups.com
Thank you for the info. This is the route I was leaning towards. Excuse the pun. I've got to figure this out. ty.

Beyers Cronje

unread,
Mar 28, 2014, 6:07:18 AM3/28/14
to ang...@googlegroups.com
Reply all
Reply to author
Forward
0 new messages