ASP.NET Core WebAPI Authentication And Authorization Made EASY
Вставка
- Опубліковано 7 чер 2024
- Join this channel to get source code access and other perks:
/ @codewrinkles
Authentication and Authorization in an ASP.NET Core WebAPI using JWT Bearer is something many people fear, because it seems very complicated. Not anymore! This video is your ultimate guide to ASP.NET Core Authentication and Authorization. We'll understand how to leverage the power of Microsoft AspNet Core Identity and the default authorization engine by implementing our own authentication endpoint. While doing this we'll understand how to generate JWTs in .NET, how can we work and persist claims and roles, so that we can use them for authorization purposes. Last but not least, we'll see how easy it is to perform role based authoirzation in ASP.NET Core.
Content:
1. Intro: 00:00
2. JWT settings: 02:40
3. Options Pattern: 04:38
4. Generating JWTs: 05:56
5. IdentityDbContext: 08:45
6. Configuring JWT Authentication: 10:35
7. Configure Auth in Swagger: 15:31
8. User registration: 17:23
9. User login: 23:35
10. Role-based authorization: 25:49
11. Testing it all out: 28:00 - Наука та технологія
I know that it is for the purposes of the demo but it should be noted that you don't store the FirstName and LastName in the database as claims. You might include them in the claims in the token but they definitely do not belong in the claims table in the DB.
Fantastic video, you have a great way of explaining these things. In details, but with full clarity! Please continue the series 🎉
Thanks, will do!
Great Video Dan, Thanks! Greatly explained.
Glad you enjoyed it!
I am learning a lot with your videos, Thank you
Glad to hear that! Thanks for watching!
Sorry Dan,
Why didn't you extend the Identity user to the athlete?
Is it for your specific app?
very good , can u explain use with clean architecture?
Just stay tuned for next week :)
Would you like make videos about authentication and authorization using JWT with Blazor NET8 auto render mode
This approach has many difficulties
I probably won't do a video on this topic as I don't think it should be an approach in a Blazor app. Blazor comes with its own authentication/authorization mechanisms and we should use them. I can't really understand why people still want to stick to JWT even in the SSR world. And I'm not talking here only about Blazor, but also about NextJS, Angular Universal and so on. I think we as developers should adapt to these new ways of rendering web application and not try to apply archaic techniques to modern technology.
@@CodewrinklesWhen making simple applications for our own use, we can choose how modern technologies we want to use. In real life, however, we often don't have this option - if, for example, we are forced to do an integration with an existing SSO, we have to adapt to its mechanisms: if it uses JWT (and this is very likely), we will also have to use JWT - even if Blazor offers a solution better tailored to its needs.
Thanks! Have a coffee on me!
Thanks a lot, but it was not necessary. You already give me a coffee each month through the mebership.
You've been working extra hard lately, Dan, and we all appreciate your efforts!
Gigachad