1
我有一個API寫在ServiceStack,我試圖建立在客戶端的身份驗證。目前這個API只能被Android客戶端(Xamarin/C#)訪問。該API本身運行在Apache/mod_mono上的Debian服務器上Servicestack用戶會話不工作
在讀完Github後,我仍然不能100%確定如何將它們放在一起......一旦客戶端提供了有效的證書(用於測試,基本HTTP認證)用戶獲得一個會話,並且在來自同一會話的後續請求中不再檢查憑證。
APPHOST類:
{
public class AppHost
: AppHostBase
{
public AppHost() //Tell ServiceStack the name and where to find your web services
: base("Service Call Service", typeof(ServiceCallsService).Assembly) { }
public override void Configure(Funq.Container container)
{
//Set JSON web services to return idiomatic JSON camelCase properties
ServiceStack.Text.JsConfig.EmitCamelCaseNames = true;
// Session storage
container.Register<ICacheClient>(new MemoryCacheClient());
// auth feature and session feature
Plugins.Add(new AuthFeature(
() => new AuthUserSession(),
new[] { new userAuth() }
) { HtmlRedirect = null });
}
public class userAuth : BasicAuthProvider
{
public override bool TryAuthenticate(IServiceBase authService, string userName, string password)
{
peruseAuth peruseAuthHandler= new peruseAuth();
errorLogging MyErrorHandler = new errorLogging() ;
if (peruseAuthHandler.ValidateUser(authService, userName, password))
{
try
{
var session = (AuthUserSession)authService.GetSession(false);
session.UserAuthId = userName;
session.IsAuthenticated = true;
return true;
}
catch(Exception ex)
{
MyErrorHandler.LogError(ex, this) ;
return false ;
}
}
else
{
Console.Write("False");
return false;
}
}
}
的JsonServiceClient:(就在 「登錄」 事件)
btnLogin.Click += (sender, e) =>
{
// Set credentials from EditText elements in Main.axml
client.SetCredentials(txtUser.Text, txtPass.Text);
// Force the JsonServiceClient to always use the auth header
client.AlwaysSendBasicAuthHeader = true;
};
我已經做了一些記錄,並且它似乎每當客戶端執行一個操作時,他們的用戶名/密碼都將被檢查對數據庫。這裏有什麼不對嗎,還是這是預期的結果?