Click here to Skip to main content
14,238,924 members
Rate this:
Please Sign up or sign in to vote.
See more:
I am trying to add online appointment booking functionality to an existing website which is built using Umbraco. And using a third party web api service to implement this booking functionality. This web-api provider also handles the login part to authenticate the user and returns the XSRF-TOKEN which i need to use(implicitly) to call their other APIs. So far i am able to get this token and add it to DefaultRequestHeaders (inside the same controller)like:
public class AccountController : SurfaceController
       HttpClient client;
       CookieContainer cookies = new CookieContainer();
       string token;
       public  AccountController()
           HttpClientHandler handler = new HttpClientHandler();
           handler.CookieContainer = cookies;
           client = new HttpClient(handler);
           client.BaseAddress = new Uri("url");

       public async Task<bool> ValidateLogin(LoginModel model)
           HttpResponseMessage responseMessage = await client.PostAsJsonAsync("url", model);
           Uri uri = new Uri("url");
           IEnumerable<Cookie> responseCookies = cookies.GetCookies(uri).Cast<Cookie>();

           token = responseCookies.FirstOrDefault(x => x.Name == "XSRF-TOKEN").Value;
           if (!String.IsNullOrWhiteSpace(token))
               client.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("X-XSRF-TOKEN", token);
               client.DefaultRequestHeaders.Add("X-XSRF-TOKEN", token);
               return true;
           return false;

       public async Task<ActionResult> GetUserDetails()
           HttpResponseMessage responseMessage = await client.GetAsync("url");
           if (responseMessage.IsSuccessStatusCode)
               MyViewModel model = new MyViewModel();
               var responseData = responseMessage.Content.ReadAsStringAsync().Result;//Getting an unauthorised response back here since the token is not handled as required

               model.UserDetails = JsonConvert.DeserializeObject<MyViewModel>(responseData);
               model.Appointments = await GetAppointmentsByUser();
               return PartialView("_UserDetails", model);
           return CurrentUmbracoPage();

       private Task<object> GetAppointmentsByUser()

So now the real problem is how to manage/handle this token so the logged user can get authenticated to use other GET, PUT,POST requests?

Can somebody guide me to implement this in a proper way please?


What I have tried:

Tried to find the solution on similar issue but did not get satisfying answer yet.
Gerry Schmitz 10-Jun-19 11:13am
This is a "question and answer" format; not where we have "guides" for the long haul.
Member 11274606 10-Jun-19 11:18am
Sorry i am new to this forum so did not understand what do you mean by this.
Do you mean I should have used some other category?

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

CodeProject, 503-250 Ferrand Drive Toronto Ontario, M3C 3G8 Canada +1 416-849-8900 x 100