I have an application developed in angularJs->ASP.NET Web Api. Now i have a requirement to download a secured file from server using the application. It document URL should be protected from unauthorized access too.
I'm thinking of using HttpHandler (ASHX file) in Web Api solution. I read that it helps us to protect the files when user try using the document URL with out privileges.
Any other options we have in Web Api to perform this? Any sample application would be very helpful. Thanks!
Related
We are thinking of creating a site in Angular that would get the information from SharePoint Online site using a Web API. The site and the Web API will be on Azure. The problem that I have is weather or not it is feaseable to query SharePoint Online using on single generic user that would authenticate for each request, or maybe using some sort of additional unique identifier for identifiyng each request, but same user overall. Do you believe it is possible? I have little experience on Azure and SharePoint Online, so any suggestion is welcomed. Thank you in advance.
BR,
Anisia
Yes, it is possible. At Web API level you can call sharepoint (use client-side object model (CSOM) for this) using single user for authentication.
I am having a web application built using JAVA spring which has API feature to read and write into database.
Now i have to develop an ionic mobile app for the same application. How to read and write data into database.
I know Firebase and other alternatives can do the job.
But i need my own API code(written for web app) to be used. Is there any way to achieve that?
I guess calling the respective API when the web application is live is achievable.
But how can i achieve that while developing(When the web app is under construction)
Well depending on how you set up the API this could become quite difficult.
You're saying/guessing that you can call the API when the webapplication is live. This makes me assume you've created a REST API? Or did you create a Spring MVC application?
If the webapplication is directly linked to your Spring application (f.e. going to localhost:8080/my-profile shows a page (not JSON) of your profile) then I'm not sure if you can achieve the above mentioned target.
If you get a JSON response, or are somehow able to retrieve it from the webpage, you can just simply call (in typescript:)
this.http.get('http://localhost:8080/my-profile').map(response => console.log(response.json() );
Else, you probably will have to create a basic REST API (check out Spring boot for a 5 minute setup) and provide it, either with hardcoded data or connect it with your database.
I've been googling the entire afternoon and I'm still not able to figure out what's the best solution to implement the following:
We have build a webapp in AngularJS that consumes interacts with REST API build using Symfony. The app allows users to register, login and do stuff. Now, these users need to upload very big files (>60GB) into their personal folders. A separate VM have been setup for this purpose (data server), located in the same VLAN as the frontend, backend and the MySQL db serving the data. The data upload will be done using either HTTP (using JQuery File Upload plugin) or an FTP client.
I'd like the users to authenticate into the data server (both via FTP or HTTP) using the credentials they already have for the app. For the FTP case, I'll use PureFTP as FTP server, which validates user/pass directly from the MySQL. As far as I know, this is the most convenient solution, but criticism is accepted.
For the HTTP upload, we could proceed in a similar way: POST user/pass, validate against DB and return true/false. Since all the communication will happen within the VLAN, security issues are less problematic. Nonetheless, I believe much more sophisticated solutions have already been developed.
My first thought was to build an OAuth server on Symfony and then authenticate the uploader (and future services) with their respective clients. Is this a right approach or is this a too complicated solution?
Alternatively, a service in the dataserver could validate user's credentials sent by the client against the REST API, receive a JWT and generate a new session for that particular client to list and update files on a particular folder. I'm not sure how to build this middleware though, do I need another Symfony instance or a simple PHP script will do the trick?
Please do not hesitate to share any thought you have on this. Any point of view will be much appreciated.
Thanks a lot
I am about to build web application consisting of three parts:
Public data-oriented websites for unauthenticated users with geolocation search, ...
Member area (with authentication) for managing the data
Mobile app/apps with the same functionalities
The airbnb.com is a good example of the structure.
Basicaly the thing is to create a server side API which will be shared accross clients.
I definitelly want to use AngularJS for the client side, but I am not sure which of those solutions is better:
Create the API with microframework Lumen and add sessions / authentication / html serving / other services to the Lumen
Create the API with full stack framework Laravel and serve html to AngularJS
Thank you for your suggestions.
You will need a solid api, lumen has all we need to build an api. You can go ahead with option 1 as you can later on migrate to full stack laravel framework, if needed.
I want to deploy my AngularJS app which access RESTful web-services onto an aws and I am wondering if I really need a server to serve my AngularJS files.
I can server them as static files or use something like NodeJS but do I really need one?
What are the advantages/dis-advantages of using a server in this scenario?
If your app is small, it's really not a problem if you only access to an API.
But if you want to login via other services where you have for example a public and secret token it's better to work with a server who use cache this datas from your users (maybe it's what your aws is doing).
If you want to access RESTFull Web Services from AWS, you need to put your angularjs files in a server.
The server will give access to resources, if the request is from http protocol. It will deny the request to serve if the protocol is file.