after searching many days i found good video on jwt token. i have confusion: 1) you added issuer, audience, Key in appsetting.json file. when i build where can i get. can i use randomly? 2) if i did not use one mthod with authorize filter can i access directly without token or authentication/login? 3) why you used postman here. can not use swgger all time? can you please explain?
I think the reason why Users were added in the parameters would be in order to create the claims object. Typically the claims object holds some identifiers , such as username, those claims would then be baked into the payload section of the token. The implementation would go like something along these lines: private string GenerateToken(User user) { List myClaims = new List { new Claim(ClaimTypes.Name, user.Username) }; var sercurityKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(config["Jwt:Key"]!)); var credentials = new SigningCredentials(sercurityKey, SecurityAlgorithms.HmacSha256); var token = new JwtSecurityToken( config["Jwt:Issuer"], config["Jwt:Audience"], claims: myClaims, expires: DateTime.Now.AddMinutes(15), signingCredentials: credentials); return new JwtSecurityTokenHandler().WriteToken(token); }
Hi, welcome to my channel and thanks for the comment. Kindly connect on WhatsApp +91 8826791246 or on Instagram @openprogrammer is my Instagram handle. Keep learning and supporting 👍
Hi, welcome to my channel and thanks for the comment. Could you connect on Instagram @openprogrammer is my Instagram handle. Keep learning and supporting 👍
Hi, welcome to my channel and thanks for the comment. Kindly connect on WhatsApp +91 8826791246 or on Instagram @openprogrammer is my Instagram handle. Keep learning and supporting 👍
Hi, welcome to my channel and thanks for the comment. Kindly connect and follow on Instagram @openprogrammer is my Instagram handle. Keep learning and supporting 👍
Hi, welcome to my channel and thanks for the comment. For any queries, kindly ping me on WhatsApp +91 8826791246 or connect on Instagram @openprogrammer is my Instagram handle. Keep learning and supporting 👍
Hi, welcome to my channel and thanks for the comment. Kindly follow me on Instagram @openprogrammer is my Instagram handle. Keep learning and supporting 👍
Hi, welcome to my channel and thanks for the comment. Kindly connect on WhatsApp +91 8826791246 or on Instagram @openprogrammer is my Instagram handle. Keep learning and supporting 👍
Hi Rahul, welcome to my channel and thanks for the comment. I will try to create the same soon if you are looking for some customized application then kindly connect with me on Instagram @openprogrammer is my Instagram handle. Keep learning and supporting 👍
Hi Virendra, welcome to my channel and thanks for the comment. Yes, you are right. Once the token expires then the user has to regenerate the token in order to access the APIs. For any other query kindly follow and connect with me on Instagram @openprogrammer is my Instagram handle. Keep learning and supporting 👍
Hi, welcome to my channel and thanks for the comment. For any queries, kindly ping me on WhatsApp +91 8826791246 or connect on Instagram @openprogrammer is my Instagram handle. Keep learning and supporting 👍
Hi, welcome to my channel and thanks for the comment. Kindly connect on WhatsApp +91 8826791246 or on Instagram @openprogrammer is my Instagram handle. Keep learning and supporting 👍
Hi, welcome to my channel and thanks for the comment. Kindly connect on WhatsApp +91 8826791246 or on Instagram @openprogrammer is my Instagram handle. Keep learning and supporting 👍
JWT tokens generally stored in httponly cookie to make it secure, what you are saying like sharing the user name and password with other users... Think about it
think in real time case, for ex: there is an app which needs user id and password from the user, once user entered those credentials, our api what it will do is it will validate the credentials from database end. If user credentials are existed it will generate token and it will add the token into header and it will pass this client app (UI), once user is authenticated, next time when user wants to access the other controller/api , as in http header will get the token like how he passed the token from postman, in the same way from client app also, we will get the token and it can access the api. And you told that Can i use the other user's token to another user login, How it will workout!!! either you have to sign out or you have to log in from one more client app which is from other device. Please excuse my english grammer mistakes!!😀
@@amritnepal14 both are quite different as per my knowledge, in this video, buddy explained about both the cases 1. Authentication ( when user trying login , api should validate the user credentials and generate a token on successful login. ) 2. Authorization (when user trying to access the api which is decorated with authorize attribute, in this case we are able to access the api by passing the token as authorization. I hope you understood!!!
Hi, welcome to my channel and thanks for the comment. Kindly connect and follow on Instagram @openprogrammer is my Instagram handle. Keep learning and supporting 👍
Hi, welcome to my channel and thanks for the comment. For any queries, kindly ping me on WhatsApp +91 8826791246 or connect on Instagram @openprogrammer is my Instagram handle. Keep learning and supporting 👍
Hi, welcome to my channel and thanks for the comment. Please connect on WhatsApp on this number +91 9625701241 or message me on my Instagram @manojdeshwal.dev. Keep learning and supporting.
Hi Javed, welcome to my channel and thanks for the comment. Kindly connect on Instagram @openprogrammer is my Instagram handle. Keep learning and supporting 👍
It Showing Error while Installing the package, how can i resolve this Error: Could not install package 'Microsoft.AspNetCore.Authentication.JwtBearer 8.0.0'. You are trying to install this package into a project that targets '.NETFramework,Version=v4.7.2', but the package does not contain any assembly references or content files that are compatible with that framework. For more information, contact the package author.
Hi, welcome to my channel and thanks for the comment. Kindly connect on WhatsApp +91 88267 91246 or on Instagram @openprogrammer is my Instagram handle. Keep learning and supporting 👍.
after searching many days i found good video on jwt token.
i have confusion:
1) you added issuer, audience, Key in appsetting.json file. when i build where can i get. can i use randomly?
2) if i did not use one mthod with authorize filter can i access directly without token or authentication/login?
3) why you used postman here. can not use swgger all time?
can you please explain?
HelpFull Vedio Thank you sir
Everything is fine but in real time jwt token is generated in one api, and authorization done is another api, how to perform this sir, please reply me
Great explanation ❤ Finally I learned how to use auth middleware with JWT Token ✌️👏🏻
Simple & easy way Thank you Manoj
Most welcome 😊
Very helpful
very clear explanation Thanks a lot Manoj!!
Very well explained. Thank you.
Simple video and explanation. Thanks.
all thanksss tooo youuu bhaiayyaa... cannt sayyy it helpeeddd a lotttt .... u r the besttttt
very nice video, and detailed explanation.. superb
Why did you use GenerateToken(Users users) if users is not used in this method?
I think the reason why Users were added in the parameters would be in order to create the claims object. Typically the claims object holds some identifiers , such as username, those claims would then be baked into the payload section of the token.
The implementation would go like something along these lines:
private string GenerateToken(User user)
{
List myClaims = new List
{
new Claim(ClaimTypes.Name, user.Username)
};
var sercurityKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(config["Jwt:Key"]!));
var credentials = new SigningCredentials(sercurityKey, SecurityAlgorithms.HmacSha256);
var token = new JwtSecurityToken(
config["Jwt:Issuer"],
config["Jwt:Audience"],
claims: myClaims,
expires: DateTime.Now.AddMinutes(15),
signingCredentials: credentials);
return new JwtSecurityTokenHandler().WriteToken(token);
}
Finally the best video I got about JWT. Their a lot of confusion before . Thank you a lot
Thanks
Why do we need to give same value for issuer and audience?
Thank You from Tamilnadu
Thank you Bro !!! simple and easy way to understand
very well explained. Thank you Sir.
Very Simple and Easy.
Thank you 😊
Excellent video. Thanks a lot.
You are welcome!
Thank you !!! simple and easy to understand
Hi, welcome to my channel and thanks for the comment.
Kindly connect on WhatsApp +91 8826791246 or on Instagram @openprogrammer is my Instagram handle.
Keep learning and supporting 👍
Can you demo follow this video using dynamic user with database and using store procedure
Hi, welcome to my channel and thanks for the comment. Could you connect on Instagram @openprogrammer is my Instagram handle.
Keep learning and supporting 👍
Very clear 👏🏽🇿🇦 Thanks
You’re welcome 😊
What is the difference between Claim and Signature? what does each one reference?
Hi, welcome to my channel and thanks for the comment.
Kindly connect on WhatsApp +91 8826791246 or on Instagram @openprogrammer is my Instagram handle.
Keep learning and supporting 👍
Hi Manoj, token expiration not working. I have put 1 min but after 1 min its not expiring. thanks for this video.
Hi, welcome to my channel and thanks for the comment. Kindly connect and follow on Instagram @openprogrammer is my Instagram handle.
Keep learning and supporting 👍
@@ManojDeshwal ok thanks
Thank you so much, sir. This video helps me a lot.
Hi, welcome to my channel and thanks for the comment. For any queries, kindly ping me on WhatsApp +91 8826791246 or connect on Instagram @openprogrammer is my Instagram handle.
Keep learning and supporting 👍
Very useful 🙏🙏
Thankyou so much sir, for making this video. this video more help to me.
Hi, welcome to my channel and thanks for the comment. Kindly follow me on Instagram @openprogrammer is my Instagram handle.
Keep learning and supporting 👍
thank you so much brother god bless you !!!!!!!!!!!!
very good explanation , subscribed! thank u , and pls keep sharing more
Thank you
v good manooj
Thank you, this tutorial helped me lot!
Hi, welcome to my channel and thanks for the comment.
Kindly connect on WhatsApp +91 8826791246 or on Instagram @openprogrammer is my Instagram handle.
Keep learning and supporting 👍
Thank you, you are the best ❤❤
Sir please make this video with entity framework .
Hi Rahul, welcome to my channel and thanks for the comment. I will try to create the same soon if you are looking for some customized application then kindly connect with me on Instagram @openprogrammer is my Instagram handle.
Keep learning and supporting 👍
What happens when token gets expired? will user need to re send the credentials?
Hi Virendra, welcome to my channel and thanks for the comment. Yes, you are right. Once the token expires then the user has to regenerate the token in order to access the APIs. For any other query kindly follow and connect with me on Instagram @openprogrammer is my Instagram handle.
Keep learning and supporting 👍
if i change my username or password then how login
How to add sql database in this
Am getting 401 error after execute the loginuser
How to do this with db connection
Hi, welcome to my channel and thanks for the comment. For any queries, kindly ping me on WhatsApp +91 8826791246 or connect on Instagram @openprogrammer is my Instagram handle.
Keep learning and supporting 👍
Thankyou so much bro,if possible can you provide the github link of this bro
Hi, welcome to my channel and thanks for the comment.
Kindly connect on WhatsApp +91 8826791246 or on Instagram @openprogrammer is my Instagram handle.
Keep learning and supporting 👍
Thanks
❤
great
how we can set up swagger ?
Hi, welcome to my channel and thanks for the comment.
Kindly connect on WhatsApp +91 8826791246 or on Instagram @openprogrammer is my Instagram handle.
Keep learning and supporting 👍
it will come by default !!
What if I create token with one user and use it for another user how to make sure tokern is passed by the user that created it.
tokens are used for authentication.. you should use authorization also for what you are saying
?
JWT tokens generally stored in httponly cookie to make it secure, what you are saying like sharing the user name and password with other users...
Think about it
think in real time case, for ex: there is an app which needs user id and password from the user, once user entered those credentials, our api what it will do is it will validate the credentials from database end. If user credentials are existed it will generate token and it will add the token into header and it will pass this client app (UI), once user is authenticated, next time when user wants to access the other controller/api , as in http header will get the token like how he passed the token from postman, in the same way from client app also, we will get the token and it can access the api. And you told that Can i use the other user's token to another user login, How it will workout!!! either you have to sign out or you have to log in from one more client app which is from other device. Please excuse my english grammer mistakes!!😀
@@amritnepal14 both are quite different as per my knowledge, in this video, buddy explained about both the cases 1. Authentication ( when user trying login , api should validate the user credentials and generate a token on successful login. )
2. Authorization (when user trying to access the api which is decorated with authorize attribute, in this case we are able to access the api by passing the token as authorization.
I hope you understood!!!
Thanks sir for this
Hi, welcome to my channel and thanks for the comment. Kindly connect and follow on Instagram @openprogrammer is my Instagram handle.
Keep learning and supporting 👍
Very useful
At 9.18 how to give the website name
Hi, welcome to my channel and thanks for the comment. For any queries, kindly ping me on WhatsApp +91 8826791246 or connect on Instagram @openprogrammer is my Instagram handle.
Keep learning and supporting 👍
Hi Bro, It's failed to get load swagger in .net 8 "giving internal server error"
why did you uncheck https
For not getting http error
I need your help
Hi, welcome to my channel and thanks for the comment. Please connect on WhatsApp on this number +91 9625701241 or message me on my Instagram @manojdeshwal.dev.
Keep learning and supporting.
resolved
Bhai mujhe aapse paid class Leni hai
Hi Javed, welcome to my channel and thanks for the comment. Kindly connect on Instagram @openprogrammer is my Instagram handle.
Keep learning and supporting 👍
It Showing Error while Installing the package, how can i resolve this Error:
Could not install package 'Microsoft.AspNetCore.Authentication.JwtBearer 8.0.0'. You are trying to install this package into a project that targets '.NETFramework,Version=v4.7.2', but the package does not contain any assembly references or content files that are compatible with that framework. For more information, contact the package author.
in that case, you can choose the package of version 6.0.0, It will work!!!
Thanks manoj
how to add sql database in this ?
Hi, welcome to my channel and thanks for the comment. Kindly connect on WhatsApp
+91 88267 91246 or on Instagram @openprogrammer
is my Instagram handle.
Keep learning and supporting 👍.
thanks