I am having trouble understanding the purpose of everything I am trying to do here. I have web api, mvc, and angular2 project linked by authentication provided by identityserver4
As in, why would I make a web api?
Does the user that connects to my MVC application communicate for information directly with the WEB API and not the MVC backend?
If so what is the purpose of the MVC backend if I am aiming for a SPA with angular2?
With Identityserver4 I've already connected the MVC and the WEB api and the users together. Does that mean from that moment on after login and 1st page load the majority of the calls for information comes from the web api not the MVC backend?
If you guys can clear up on what exactly the purpose of the MVC backend and the web api and how that relates to a SPA with identityserver integrated it would be helpful!
Thanks.
Best Answer
In front-end projects (regardless of .NET), it is common to run a "dev" web server to host the files for testing/debugging. It sounds like the MVC project is just performing this function for the Angular2 files.
You could use MVC controllers as your API back-end, but that is not the standard way to utilize ASP.NET's MVC paradigm. You probably want to use the Web API project, since it is designed for that purpose.
You didn't state which grant type you are using with IdentityServer4. But note that you should use the Implicit Grant for browser apps. Other grants require the app to have (or collect) sensitive information. With Implicit Grant, credentials do not pass through the app. Instead, when the app does not have an access token, it redirects to IdentityServer for login, then IdSrv redirects back to your (i.e. Angular2) app with an access token. Then your app sends the access token along with every API request.