I'm trying to set up a simple Web API with ASP.NET Core. I'm working with a custom OAuth set up by the company. The Web API will not support web pages directly. The front end will call it from a separate website using a SPA.
So, I thought I would set up a middleware component that gets the Bearer Token from the API call. I then see if I have that user stored (for 5 minutes - stored in a singleton, hopefully that is right too) and if not I send an HTTP request to the authentication server to determine if the user is valid. If they are, I get the user information including roles, etc. But then, how do I set the Principal? I've done this in WebAPI 2.*, but haven't seen any tutorials for ASP.NET Core.
This seems like a fairly normal workflow so I don't understand why there aren't many tutorials on the subject. They seemed to be all geared toward when you have a web page - same for WebAPI 2.*.
Any help is much appreciated. If someone can just point me in the right direction that would be great!
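The workflow described in the question, sketched as an added example that is not part of the original post: middleware that reads the bearer token, checks a 5-minute cache, asks the authentication server otherwise, and assigns the principal to `HttpContext.User`. It assumes .NET 6 or later with implicit usings; the `TokenInfo` shape and the `https://auth.example.invalid/userinfo` URL are hypothetical placeholders for the company's own OAuth contract.

```csharp
using System.Net.Http.Headers;
using System.Security.Claims;
using System.Security.Cryptography;
using System.Text;
using Microsoft.Extensions.Caching.Memory;

// Hypothetical reply shape of the auth server; adjust to the real contract.
public record TokenInfo(bool Active, string UserName, string[] Roles);

public class BearerValidationMiddleware
{
    private readonly RequestDelegate _next;
    private readonly IMemoryCache _cache;
    private readonly IHttpClientFactory _clients;

    public BearerValidationMiddleware(RequestDelegate next, IMemoryCache cache, IHttpClientFactory clients)
        => (_next, _cache, _clients) = (next, cache, clients);

    public async Task InvokeAsync(HttpContext context)
    {
        string header = context.Request.Headers.Authorization.ToString();
        if (!header.StartsWith("Bearer ", StringComparison.OrdinalIgnoreCase)) { Reject(context); return; }
        string token = header["Bearer ".Length..].Trim();
        // Key the cache on a hash so raw tokens are not held as cache keys.
        string key = Convert.ToHexString(SHA256.HashData(Encoding.UTF8.GetBytes(token)));

        if (!_cache.TryGetValue(key, out ClaimsPrincipal? principal))
        {
            // Hypothetical endpoint: the token is presented to the auth server for validation.
            using var req = new HttpRequestMessage(HttpMethod.Get, "https://auth.example.invalid/userinfo");
            req.Headers.Authorization = new AuthenticationHeaderValue("Bearer", token);
            using var resp = await _clients.CreateClient().SendAsync(req, context.RequestAborted);
            var info = resp.IsSuccessStatusCode ? await resp.Content.ReadFromJsonAsync<TokenInfo>() : null;
            // Fail closed: any error or inactive token ends the request with 401.
            if (info is not { Active: true }) { Reject(context); return; }

            var claims = (info.Roles ?? Array.Empty<string>()).Select(r => new Claim(ClaimTypes.Role, r))
                .Prepend(new Claim(ClaimTypes.Name, info.UserName));
            // A non-null authenticationType is what makes Identity.IsAuthenticated true.
            principal = new ClaimsPrincipal(new ClaimsIdentity(claims, "Bearer"));
            // A token revoked at the auth server stays accepted here until this entry expires.
            _cache.Set(key, principal, TimeSpan.FromMinutes(5));
        }
        context.User = principal!;   // the ASP.NET Core counterpart of setting the principal
        await _next(context);
    }

    private static void Reject(HttpContext context) =>
        context.Response.StatusCode = StatusCodes.Status401Unauthorized;
}
```

Register it with `builder.Services.AddMemoryCache()`, `builder.Services.AddHttpClient()` and `app.UseMiddleware<BearerValidationMiddleware>()` ahead of the endpoints that read `HttpContext.User`.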