But, over the last few nights I have been working to add support for HTTP Basic Authentication, which is where your user name and password are send to the server as part of the connection process. This allows using code to access the API by passing a user name and password as part of it's connection process. I have a simple WPF test app that I made which uses RESTSharp to connect to the Blazing Heart Reader API, which now works:
To get this working, I coppied the code for IdentityBasicAuthenticationAttribute.cs and related files, and then just added the attribute to the API controllers:
Easy. Behind the scenes though, this is only possible because I'm using the Owin authentication model which bypasses the server authentication. This is important because the server only allows one type of authentication for the whole application but Owin allows you to use anything you write a filter for. It's a good thing I previously upgraded the site to ASP.NET MVC 4 to use Owin otherwise this would have been quite painful!