First I'm new to WEB API.
I would like to know when a ASP.NET MVC 4 web application is the user interface, then I need to use another MVC 4 web application for hosting the WEB API, which is to host the business logic? Excuse me for my bad English.
EDIT:
http://www.codeproject.com/Articles/350488/A-simple-POC-using-ASP-NET-Web-API-Entity-Framewor
the api should be a WCF web service in my opinion
If the web api is being used for ajax calls from the browser then it should be in the same application as the web pages that call it.
What exactly are you using the WebAPI for?
Related
We're looking to secure an Angular application that is running in an MVC project.
If I secure the MVC app using hybrid flow, then all the Angular $http calls are jQuery $.ajax calls under the hood. Which if I remember rightly, sends all cookies with each web API call.
My question is, how should I secure this application. Do I need to secure the MVC app using hybrid flow and then do I need to further secure the APIs?
EDIT
I've just been watching the NDC video and it talks about asking for 2 tokens when you originally authenticate.
Communication between an angular app and MVC is usually secured using session cookies. If you need your APIs to be called from other apps then you better move those APIs to WEBAPI and communicate with them using bearer tokens. If you already have other APIs that require bearer token, you can get an access token in hybrid flow and talk to those APIs(from either the angular app or the MVC app).
I am implementing REST APIs using Flask Restful and want to add session based auth for users. Currently I am NOT implementing a web app. I am wondering if the Flask-Login extension can only be used for web apps or can I use them for my REST application too?
Altough a RESTful service should be stateless by definition,
I would avoid that one. It's more "form-oriented".
Go for OAuth2, it's the de facto standard for RESTful web services.
A good implementation is Flask-OAuthlib, available on GitHub.
I'm creating an app for iOS that will use CocoaHTTPServer to provide some RESTful web services. Is there a normal convention for publishing the api so that the available calls can be discovered by another device?
My web application is developed using AribaWeb framework and I want to integrate my application with Facebook. I need to post some info to my product's wall when i'm saving my sample page. I have some doubts to do this,
Is there any need of Web services. if so what are they?
Is it possible to do without JavaScript?
Study the facebook API. I am sure there is a REST service that allows you to do that. Then you can send a REST request from your application using available REST frameworks such as RESTeasy or Jersey .
I'm building a simple iPhone app that synchronizes to a webservice served by Symfony 1.4. This app requires the user to be logged in.
My question is, how can the user log in Symfony from the iPhone app? And how can I keep the session opened through the next petitions? Is this secure?
Chapter 15 of the Practical Symfony book talks about webservices, but I can't find any guide about sessions.
Thanks in advance
You can use SOAP web service also. But this is little complex. You can send the file attached to XForm and Post to the service
Detailed implementation of SOAP in PHP
http://www.vankouteren.eu/blog/2009/03/simple-php-soap-example/
You can build a rest service for symfony modules. You can get login through REST service.
Your example service will be like this
www.example.com?username=user&password=pass