I've been looking at the code (in https://github.com/patelsan/WebAPIAuthentication) from this article: http://www.codeproject.com/Articles/630986/Cross-Platform-Authentication-With-ASP-NET-Web-API.
It's pretty good and seems to work fine. There are very few articles that explain this kind of token authentication, but this is the best I've seen. Note that I'm new to this technology and there's much to learn.
So, I noticed that the UsersController has this code:
public class UsersController : ApiController
{
public Status Authenticate(User user)
{
. . .
}
}
The Authenticate
method doesn't start with a known HTTP verb, e.g. Get or Post, and there's no [HttpGet] or [HttpPost] attribute associated with this method, so how does the controller know with which verb to associate this method? Just by looking at the code, how can I tell which verb I need to use? Is there such a thing as a "default" verb if nothing matches?
By the way, in case you're wondering, the only verb that works is POST. I'd love to understand why that is the case.
Default Action Methods In Web API, Get, Post, Put, and Delete verbs are used as corresponding action methods- Get(), Post ([FromBody]string value), Put (int id, [FromBody]string value), Delete (int id) for manipulating data like get, insert, update and delete.
To use the HttpGet method, we use HttpGet attribute on the Action method. It is also the default HTTP verb.
The primary or most-commonly-used HTTP verbs (or methods, as they are properly called) are POST, GET, PUT, PATCH, and DELETE. These correspond to create, read, update, and delete (or CRUD) operations, respectively.
The default route template for Web API is "api/{controller}/{id}".
In this special case, the default Http Verb is POST. In other scenarios, the default verb depends on the name of the action and other factors. Below is the algorithm quoted from asp.net:
HTTP Methods. The framework only chooses actions that match the HTTP method of the request, determined as follows:
You can specify the HTTP method with an attribute: AcceptVerbs, HttpDelete, HttpGet, HttpHead, HttpOptions, HttpPatch, HttpPost, or HttpPut.
Otherwise, if the name of the action (controller method) starts with "Get", "Post", "Put", "Delete", "Head", "Options", or "Patch", then by convention the action supports that HTTP method.
If none of the above, the method supports POST.
http://www.asp.net/web-api/overview/web-api-routing-and-actions/routing-and-action-selection
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With