<ABP documentation> Web Api controller, abpapi
Document directory
Content of this section:
- Introduction
- AbpApiController base class
- Filter
- Audit Log
- Authorization
- Anti-counterfeit Filtering
- Work Unit
- Result packaging and Exception Handling
- Result Cache
- Verify
- Module Binder
Introduction
Use the nuget package of the Abp. Web. Api to integrate the ABP into the Asp.net Web Api controller. You can create a common Asp.net Web Api controller as you did before. Dependency injection works well for these common apicontrollers, but you need to inherit your controller from AbpApiController, it provides many benefits and better integration into the ABP.
AbpApiController base class
This is a simple api controller inherited from AbpApiController:
public class UsersController : AbpApiController{}
Localization
AbpApiController defines the L method to make localization easier, such:
public class UsersController : AbpApiController{ public UsersController() { LocalizationSourceName = "MySourceName"; } public UserDto Get(long id) { var helloWorldText = L("HelloWorld"); //... }}
You must set LocalizationSourceName first, and the L method can work correctly. You can set it in your own base api controller class so that you do not need to set it again for each api controller.
Others
You can use pre-injected basic attributes such as AbpSession, EventBus, PermissionManager, PermissionChecker, SettingManager, FeatureManager, FeatureChecker, LocalizationManager, Logger, CurrentUnitOfWork.
Filter
ABPS preset some filters for all Asp.net Web APIs, which are added to all actions of all controllers by default.
Audit Log
AbpApiAuditFilter is used to integrate into the audit log system. It records all Action requests by default (if the audit is not disabled ), you can use the Audited and DisableAuditing features to control the Action and controller audit logs.
Authorization
You use the AbpApiAuthorize feature for your api controller or Action to prevent unauthorized users from accessing them. For example:
public class UsersController : AbpApiController{ [AbpApiAuthorize("MyPermissionName")] public UserDto Get(long id) { //... }}
You can define the AllowAnonymous feature for the Action or controller to abolish authentication/authorization. AbpApiController also defines an IsGranted shortcut for checking the license in the definition.
For more information, see the authorization document.
Anti-counterfeit Filtering
AbpAntiForgeryApiFilter automatically protects Asp.net Web Api actions (including dynamic Web APIs) from CSRF/xsrf post, PUT, and DELETE request attacks. For more information, see CSRF documentation.
Work Unit
AbpApiUowFilter is used to integrate into the work unit system. A work unit is automatically started before an Action is executed, and the work unit is completed after the Action is executed (if no exception is thrown ).
You can use the UnitOfWork feature for an Action to control its unit of work behaviors. You can also modify the default unit of work features for all actions in the startup configuration.
Result packaging and Exception Handling
After the Web Api Action is successfully executed, the ABP will not automatically wrap it by default, but the ABP will handle and package exceptions. If necessary, you can add WrapResult/DontWrapResult to the Action and controller, you can modify the default behavior from the startup Configuration (using Configuration. modules. abpWebApi ()....). For more information about result packaging, see the AJAX documentation.
Result Cache
A Cache-Control header (no-cache, no-store) is added to the Web Api request response. Therefore, it may even prevent the browser from caching the GET request response, however, you can configure this behavior.
Verify
AbpApiValidationFilter automatically checks ModelState. IsValid and stops Action execution when an error is detected. Verification of input DTO is described in the verification document.
Module Binder
AbpApiDateTimeBinder is used to standardize the DateTime (and Nullable <DateTime>) input through the Clock. Normalize method ).