The new SharePoint Development Tools are supporting SharePoint Apps with an MVC Web Application as backend. That’s amazing. Finally you as a SharePoint Developer can get rid of the ASP.NET WebForms Crap and you get full support from Visual Studio.
The new MVC Template for SharePoint Apps of course contains the TokenHelper class that many SharePoint developer already may know from the legacy SharePoint App Templates using ASP.NET WebForms. On top of that, the new MVC template contains the SharePointContextFilter. This filter can be used either on MVC Controller classes or on controller actions. By applying this attribute to a controller or an action you can ensure that only calls authorized with a valid SharePoint Security Token (either AppToken, UserToken or the combination of both) are passed through the pipeline and can access the resource sitting behind the controller-action.
During the implementation phase we went a step further and created a new BaseController class and called it SharePointBaseController.
As you can see the new BaseController has the SharePointContextFilter Attribute on the class-definition. By doing so, all controllers that inherit from SharePointBaseController can only be invoked from valid requests. This technique allows us to put both (protected views only accessible for people with valid tokens and public marketing sites which are accessible for everyone) into a single web-project. Yes you can achieve this also without the SharePointContextFilter, but with the Filter your code will become cleaner and more readable.
No comments:
Post a Comment