3,597 questions
you don't explain how the mobile calls the website.
the website can support both bearer token and cookie tokens, by defining multiple authentication schemes.
Authenticate user on website using an API access token
Stesvis
1,041
Reputation points
Hello,
I have a common scenario. A user is logged in to the MVC Web API using a mobile app (so the user has a valid access token) and therefore can consume any protected API endpoint with that token.
Some functionality is only available on the website, so the mobile app just redirects the user to the proper page on the website.
The website however redirects back to the login page because it uses Cookie authentication.
app.UseCookieAuthentication(new CookieAuthenticationOptions
{
ExpireTimeSpan = TimeSpan.FromDays(30),
AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie,
LoginPath = new PathString("/Account/Login"),
Provider = new CookieAuthenticationProvider
{
// Enables the application to validate the security stamp when the user logs in.
// This is a security feature which is used when you change a password or add an
// external login to your account.
OnValidateIdentity = SecurityStampValidator.OnValidateIdentity<ApplicationUserManager, ApplicationUser>(
validateInterval: TimeSpan.Zero,
regenerateIdentity: (manager, user) => user.GenerateUserIdentityAsync(manager)),
},
});
Is it possible to skip the login page since I have a valid token?
How can I implement it so that the token is passed in the URL or as a payload and the website can take that token and automatically log in the user and load the page directly?
Developer technologies ASP.NET Other
{count} votes
-
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(195.2, 51%, 28%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EYS%3C/text%3E%3C/svg%3E)
Yijing Sun-MSFT 7,096 Reputation points2021-09-20T08:45:33.96+00:00 Hi @Stesvis ,
What's the type of your project? Asp.net Core? If your project is asp.net core, what's your version? Do you want to use cookie authenticate with JWT?
-
Stesvis 1,041 Reputation points
2021-09-20T15:25:19.033+00:00 It's Entity Framework MVC 5, the access token is not JWT.
Sign in to comment
1 answer
Sort by: Most helpful
-
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(211.20000000000002, 61%, 30%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EBS%3C/text%3E%3C/svg%3E)
Bruce (SqlWork.com) 77,686 Reputation points Volunteer Moderator2021-09-17T22:54:30.05+00:00 -
Stesvis 1,041 Reputation points
2021-09-20T17:46:54.393+00:00 Hi @Bruce (SqlWork.com) this is good old MVC, not Core.
I am not sure the way the mobile app calls the website matters too much, however, it is done in Xamarin Forms + Xamarin Essentials, so the code is like this:await Browser.OpenAsync("https://mywebsite.com/my_private_route");I need to do also the same from another React website. What matters is that I have an access_token and I am wondering if there is a way to make a call to
https://mywebsite.com/my_private_route?token=[access_token]and then implement something in the MVC website to recognize that token and set my cookies to make it look like i am effectively logged in.
Sign in to comment -