I had a MCV core app that uses cookie based authentication (stores user credentials in DB). Later I introduced a web api as the backend of this MVC application. Now both are hosted together as a Azure web app. For now my cookie authentication logic is still in the MVC application. So what is the simplest approach for me to secure the web api.
Asked
Active
Viewed 206 times
0
-
how do you authenticate your users ? azure ad ? – Thomas May 20 '21 at 06:57
-
no just uses legacy approach. Store username and password in DB. – Chamodh May 20 '21 at 06:59
-
What do you mean by `both are hosted in Azure as a single web` ? Same app service plan ? – Thomas May 20 '21 at 07:07
-
yes in same resource plan but what I meant was both apps are running as a single web app. Frontend and backend hosted together in the same app. – Chamodh May 20 '21 at 07:13
-
SO you have a SPA and a backend ? – Thomas May 20 '21 at 07:35
-
yes @Thomas any suggestion ? – Chamodh May 20 '21 at 11:08
1 Answers
1
I simply used the Authorize attribute in my API controllers and that resolved the issue.
Chamodh
- 61
- 1
- 3
- 11