Authentication Part 1 - Individual User Accounts
Вставка
- Опубліковано 22 чер 2023
- RESTful web services need securing just as much as any other web site. Here's a first look at how we can use JSON Web Tokens (JWTs) to secure ASP.NET Web API applications.
Source code available at: github.com/JasperKent/WebApi-...
Topics include:
- Deriving custom C# user classes from IdentityUser
- Adding security tables to an existing database with EF migrations
- Registering new users via the API
- Configuring your site for JWTs
- Using a secret to encrypt
- Returning a JWT from a successful login
- Analysing a JWT - Наука та технологія
Do you use JWTs or another authentication mechanism? Let me know in the comments.
Source code available at: github.com/JasperKent/WebApi-Authentication
Remember to subscribe at ua-cam.com/channels/qWQzlUDdllnLmtgfSgYTCA.html
And if you liked the video, click the 👍.
I build my first Blazor application by following your videos. Very thankful for that. I used AuthenticationStateProvider. But I am waiting for a tutorial on it from you.
I have a problem , my project is db first , so if I add identityDbContext to my context or entity when I update from database , all things I did before revert . so its fatal
what's your idea or any suggestion ?
or I have to use another way? or not to use identity?
thanks
Hello sir i am a complete beginner. I have been trying to understand how to add authentication to my blazorwasm app and I couldn't figure out where should I even start. You are the only one who explain properly even a beginner can understands. Thank you very much.
I missed your videos, welcome back :)
Cheers - I got busy with other things.
It's great video with all needed steps for authentication from the beginning till the end! Thanks!
Hi Jasper, I used Microsoft Entra/Azure to secure an API project and it caused me endless problems. I couldn't add users that were part of another Microsoft org unless their org allowed it, I couldn't allow users to register for themselves, certificates expire without notice, etc, etc. What ended up happening is I got frustrated and started making changes everywhere until it all worked close to how I needed it to work. At that stage I had no idea how secure my application was and it still wasn't working as I needed. I have decided to code my own security so at least I understand it, I know how it works, and I can be responsible for it. These tutorials have been invaluable - thank you.
Please Also add refresh token functionality and Api key as well as role based authentication
I'll but them on the list.
thanks for the video i have been waiting for this series for a long time i hope you cover openid connect as well
I'll put it on the list.
thanks alot
Additionally, when it comes to Clockswek, many people who are unfamiliar with how it works may encounter unexpected errors.
Thanks!
If I'm not mistaken, with the Result or TypeResult type, there is no longer a need for the "produces" directive.
You won't need it for the OK, but you will for anything else.
thank you sir
Missed you sir! Don’t do this again :)
What if I use no secret?
thanks a lot