ASP.Net MVC Core API Question
-
I'm trying to learn ASP.Net MVC Core API. I think I'm doing the routing wrong. I have a UserController:

    using System;
    using Microsoft.AspNetCore.Mvc;
    using Microsoft.Extensions.Configuration;

    namespace Falcon.API.Controllers
    {
        [Route("api/user")]
        [ApiController]
        public class UserController : _ControllerBase
        {
            public UserController(IConfiguration configuration) :
                base(configuration)
            {
            }

            [HttpGet("getById/{id}")]
            public IActionResult GetById(int id)
            {
                try
                {
                    var repo = new Repository(GetDataContext());
                    var owner = repo.GetById(id);

                    if (owner is null)
                    {
                        return NotFound();
                    }
                    else
                    {
                        return Ok(owner);
                    }
                }
                catch (Exception ex)
                {
                    return StatusCode(500, "Internal server error");
                }
            }

            [HttpGet]
            public IActionResult GetAll()
            {
                try
                {
                    var repo = new Repository(GetDataContext());
                    var owners = repo.GetAll();

                    return Ok(owners);
                }
                catch (Exception ex)
                {
                    return StatusCode(500, "Internal server error");
                }
            }

            [HttpGet("login/{username}/{password}")]
            public IActionResult Login(string userName, string password)
            {
                try
                {
                    var repo = new UserRepository(GetDataContext());
                    var owner = repo.Login(userName, password);

                    if (owner is null)
                    {
                        return NotFound();
                    }
                    else
                    {
                        return Ok(owner);
                    }
                }
                catch (Exception ex)
                {
                    return StatusCode(500, "Internal server error");
                }
            }
        }
    }

When I call it, I'm doing this:

    public async Task<UserEntity> Login(string userName, string password)
    {
        UserEntity results = null;

        var url = $"https://localhost:5001/api/User/Login/{userName}/{password}";

        using (var httpClient = new HttpClient())
        {
            using (var response = await httpClient.GetAsync(url))
            {
                string apiResponse = await response.Content.ReadAsStringAsync();
                results = JsonConvert.DeserializeObject<UserEntity>(apiResponse);
            }
        }

        return results;
    }

-
When you step through the Login code, what happens? The problem has to lie inside your repo.Login method, so that's the place you should be looking.
-
Passing the credentials in the URL of a GET request is a very bad idea. You should only ever use a POST request. With a GET request, you will end up with the credentials stored in plain-text in every log between you and the user, and in the browser history.
"These people looked deep within my soul and assigned me a number based on the order in which I joined." - Homer
-
When you step through the Login code, what happens? The problem has to lie inside your repo.Login method, so that's the place you should be looking.
I guess what I'm asking is - isn't this the wrong way to pass params?
    var url = $"https://localhost:5001/api/User/Login/{userName}/{password}";
If so, that means I've set something up incorrectly. But I don't really know what.
In theory, theory and practice are the same. But in practice, they never are.” If it's not broken, fix it until it is. Everything makes sense in someone's mind.
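
An added example, not code from the thread: the login action and client call reworked so the credentials travel in a POST body, as the reply about GET requests recommends. `LoginRequest`, `UserApiClient` and the 401 response are assumptions made here; `_ControllerBase`, `UserRepository`, `GetDataContext()` and `UserEntity` are the poster's own types, used as they appear in the post.

```csharp
using System.ComponentModel.DataAnnotations;
using System.Net;
using System.Net.Http;
using System.Net.Http.Json;
using System.Threading.Tasks;
using Microsoft.AspNetCore.Mvc;
using Microsoft.Extensions.Configuration;

// Hypothetical DTO (not in the original post): credentials travel in the body.
public class LoginRequest
{
    [Required] public string UserName { get; set; }
    [Required] public string Password { get; set; }
}

[Route("api/user")]
[ApiController]   // rejects a missing or invalid body with 400 before Login runs
public class UserController : _ControllerBase   // base class from the post
{
    public UserController(IConfiguration configuration) : base(configuration) { }

    // POST api/user/login: the URL that gets logged no longer holds credentials.
    [HttpPost("login")]
    public IActionResult Login([FromBody] LoginRequest request)
    {
        var repo = new UserRepository(GetDataContext());   // types from the post
        var owner = repo.Login(request.UserName, request.Password);
        // Assumption: a failed login answers 401 instead of the post's 404.
        if (owner is null) { return Unauthorized(); }
        return Ok(owner);
    }
}

// Hypothetical client wrapper; BaseAddress is assumed to be https://localhost:5001/.
public class UserApiClient
{
    private readonly HttpClient _http;
    public UserApiClient(HttpClient http) => _http = http;

    public async Task<UserEntity> Login(string userName, string password)
    {
        var body = new LoginRequest { UserName = userName, Password = password };
        using var response = await _http.PostAsJsonAsync("api/user/login", body);
        if (response.StatusCode == HttpStatusCode.Unauthorized) return null;
        response.EnsureSuccessStatusCode();
        return await response.Content.ReadFromJsonAsync<UserEntity>();
    }
}
```

With this shape, an access log records only `POST /api/user/login` for each attempt, and the request still needs HTTPS so the body is protected in transit.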