Exmaple web app with WebAPI, Owin and middlewares, e.g. OWIN Basic Authentication
-
HeaderFilterMiddleware - requires an configured HTTP header (e.g.
X-my-sample-header
) to be preset in every request configured inStartup -> app.UseHeaderFiltering(...)
.Configuration in
web.config
AppSettings["TokenHeaderName"]: the required header name AppSettings["TokenHeaderValue"]: the required header's value AppSettings["TokenHeaderFilteringEnabled"]: enable/disable header filtering. You can disable it for debug and enable for release.
-
IpFilterMiddleware - disabled, configured in
Startup -> app.UseIpFiltering(...)
- BasicAuthenticationMiddleware -
A resource that is protected by basic authentication -
[Authorize]
attribute - requires incoming requests to include the Authorization HTTP header using the basic scheme. This scheme uses a base64 encoded username and password separated by a colon (base64 encoding is used to avoid characters that would cause issues when sent over HTTP). OWIN Basic Authentication
Plain text
Authorization: Basic username:password
Encoded
Authorization: Basic dXNlcm5hbWU6cGFzc3dvcmQ=
Configuration in web.config
AppSettings["ApiUserName"]: user name for authentication
AppSettings["ApiPassword"]: password for authentication
Example of using correct HTTP method in API:
GET
- get single or allPOST
- create or create lazy. ReturnLocation
header with URL to newly created object (status code: 201 Created) or where the object will be created when cannot be created immediatelly - the lazy option (status code: 202 Accepted) withLocation
headerPUT
- update an objectPATCH
- update only one propertyHEAD
- check if an object exists without returing dataDELETE
- delete an object
Database used is LiteDB - Embedded NoSQL database for .NET, stored in a single file.
The database is initially setup in DatabaseSetup.cs