Web Api 2 and Formless Client Login?

Q. How does login security work for a client accessing Web Api 2 service without using a login form every time ?

Q. Which authentication works best with SSL?

Q. Which authentication works best without SSL?

I'm working on a AngularJS client which should:
1. Remember the first login
2. Automatically login to the Web Api 2 service
3. Demand login if the password expires.
WorknHardrAsked:
Who is Participating?

Improve company productivity with a Business Account.Sign Up

x
 
Scott Fell, EE MVEConnect With a Mentor Developer & EE ModeratorCommented:
I personally prefer the "traditional" log in.  I am turned off when I do this and the app is asking for info/events I don't want to share.  

In any case, each social site will have their own way of doing things.  For google plus you can start here http://googleplusplatform.blogspot.com/2013/02/google-plus-sign-in.html.

Your authentication still needs to be done serverside and not client side.  Otherwise, it is easy to bypass and you are exposing data that you shouldn't be.   I wish I could help you more on the .NET side, I don't work with it.  There are libraries for this in each langauge that can make your life easier. http://msdn.microsoft.com/en-us/magazine/dn198238.aspx
0
 
WorknHardrAuthor Commented:
Thx
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.