Service Stack
This is just a collection of notes around using MVC with ServiceStack for authentication and authorization.
Authentication in MVC
Authenticate / Require Role / Require Permission
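    // GET: /Admin/Doctors/List
    [ExecuteServiceStackFilters]        // run ServiceStack's filter attributes on this MVC action
    [Authenticate]                      // caller must have an authenticated session
    [RequiredRole(RoleNames.Admin)]     // role named through a constant...
    [RequiredRole("Admin")]             // ...or through a string literal
    [RequiredPermission]                // takes the permission name(s) to demand
    public ActionResult List() {
        return View();
    }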
How can I overwrite Login Url in ServiceStack.MVC authentication?
Sample Code:
    public abstract class ControllerBase : ServiceStackController<CustomAuthSession> {
        public override string LoginRedirectUrl {
            get { return "/account/login?redirectTo={0}"; }
        }
    }
More details in the answer on Stack Overflow
More info on authentication and authorization in the Service Stack documentation
Authentication using Credentials Auth
Sample of Successful Registration
URI
http://localhost:51737/api/register
Headers
Content-headers: application/json
encoding: utf-8
method: POST
Payload:
{"UserName":"philhack","FirstName":"Phil","LastName":"Hack","DisplayName":"Phil Hack","Email":"phil@philhack.com","Password":"somepassword","AutoLogin":false,"Continue":""}
Sample Successful Response
Status: 200 OK
    {
        "UserId": "1",
        "ReferrerUrl": "",
        "ResponseStatus": {}
    }
Sample Failure Response When User Already Exists
Status Code: 400
    {
        "ResponseStatus": {
            "ErrorCode": "ValidationException",
            "Message": "Validation failed: \r\n -- UserName already exists\r\n -- Email already exists",
            "Errors": [{
                "ErrorCode": "AlreadyExists",
                "FieldName": "UserName",
                "Message": "UserName already exists"
            }, {
                "ErrorCode": "AlreadyExists",
                "FieldName": "Email",
                "Message": "Email already exists"
            }]
        }
    }
Sample of successful authentication
How to authenticate using the Credentials ServiceStack Auth Provider
Request Uri: http://localhost:51737/api/auth/credentials
Accept Content-Type: application/json
Request Method: POST
Request Parameters:
UserName: philhack
Password: password
RememberMe: false
Content Headers
Content-type: application/x-www-form-urlencoded
Encoding: utf-8
Success Response:
StatusCode: 200
Response Body:
    {
        "UserId": "1",
        "SessionId": "Pbu14a9gyJ8YvvMFPyTi",
        "UserName": "philhack",
        "ResponseStatus": {}
    }
Invalid Credentials response
Status Code: 401
Response Body:
    {
        "ResponseStatus": {
            "ErrorCode": "Invalid UserName or Password",
            "Message": "Invalid UserName or Password",
            "Errors": []
        }
    }
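Client-side handling of the exchanges above
The following Python sketch is an added example, not code from these notes or from ServiceStack. It builds the form-encoded credentials request and reduces the three response shapes shown above to one result; the function names are hypothetical and the sample bodies are constructed from the samples on this page.

```python
import json
from urllib.parse import urlencode
from urllib.request import Request

BASE_URL = "http://localhost:51737/api"  # host and port taken from the samples above

def build_credentials_request(user_name, password, remember_me=False):
    """Build (but do not send) the form-encoded POST to /auth/credentials."""
    form = urlencode({"UserName": user_name, "Password": password,
                      "RememberMe": "true" if remember_me else "false"}).encode("utf-8")
    return Request(BASE_URL + "/auth/credentials", data=form, method="POST", headers={
        "Accept": "application/json",
        "Content-Type": "application/x-www-form-urlencoded; charset=utf-8"})

def interpret_response(status_code, body_text):
    """Reduce a register/auth response to one dict, whatever its shape."""
    body = json.loads(body_text) if body_text.strip() else {}
    status = body.get("ResponseStatus") or {}          # {} on success
    errors = status.get("Errors") or []                # [] on a 401
    ok = 200 <= status_code < 300 and not status.get("ErrorCode")
    return {
        "ok": ok,
        "user_id": body.get("UserId") if ok else None,
        "session_id": body.get("SessionId") if ok else None,
        "error_code": status.get("ErrorCode"),
        "message": status.get("Message"),
        "field_errors": {e.get("FieldName"): e.get("ErrorCode") for e in errors},
    }

def safe_to_log(result):
    """Copy of the result with the session id masked, so it stays out of logs."""
    masked = dict(result)
    if masked.get("session_id"):
        masked["session_id"] = "<redacted>"
    return masked

# Constructed sample bodies, copied from the responses shown on this page
AUTH_OK = '{"UserId":"1","SessionId":"Pbu14a9gyJ8YvvMFPyTi","UserName":"philhack","ResponseStatus":{}}'
AUTH_BAD = '{"ResponseStatus":{"ErrorCode":"Invalid UserName or Password","Message":"Invalid UserName or Password","Errors":[]}}'
REGISTER_DUP = r'{"ResponseStatus":{"ErrorCode":"ValidationException","Message":"Validation failed: \r\n -- UserName already exists\r\n -- Email already exists","Errors":[{"ErrorCode":"AlreadyExists","FieldName":"UserName","Message":"UserName already exists"},{"ErrorCode":"AlreadyExists","FieldName":"Email","Message":"Email already exists"}]}}'

if __name__ == "__main__":
    req = build_credentials_request("philhack", "password")
    print(req.get_method(), req.full_url, req.data)
    for code, text in ((200, AUTH_OK), (401, AUTH_BAD), (400, REGISTER_DUP)):
        print(code, safe_to_log(interpret_response(code, text)))
```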