I need to trigger a method when the user's login expires, I'm using asp.net core mvc and uses built in login features. Is that possible in asp.net core?
Related
I'm currently working on an ASP.NET Core 5 MVC web project, I used default created Single User Account generated template for user management. I have applied the migration and it's working fine as expected. I need to set SSO cookie so other web applications can use that and work without sign in. In .NET 5 AccountController is not visible. What is the best way to set SSO cookie?
It is "Share authentication cookies with ASP.NET Core Identity". You can see guide at reference document at https://learn.microsoft.com/en-us/aspnet/core/security/cookie-sharing?view=aspnetcore-5.0#share-authentication-cookies-with-aspnet-core-identity
You persistence it to web-browser by
services.AddDataProtection().PersistKeysToFileSystem("{PATH TO COMMON KEY RING FOLDER}").SetApplicationName("SharedCookieApp");
services.ConfigureApplicationCookie(options => {options.Cookie.Name = ".AspNet.SharedCookie";});
Depend on your second web-application what received your cookie sharing, you can see case with ASP.NET Core Identity or with-out ASP.NET Core Identity.
https://learn.microsoft.com/en-us/aspnet/core/security/cookie-sharing?view=aspnetcore-5.0#share-authentication-cookies-without-aspnet-core-identity
With ASP.NET Core 5, Angular 10 and Identity Server 4 I created 4 applications:
Auth using Identity Server 4;
Asp.Net Core 5 API
Asp.Net Core 5 MVC
Angular 10 SPA
On the Angular application (4) I am using OIDC Client JS and Code Grant Type.
The Asp.Net Core 5 MVC application (3) also needs to access the API ...
I am using Identity Model but what Grant Type should I use in MVC application?
Code as in the Angular application (Is this possible?)? Client Credentials?
If you login the user on MVC application and you want to call the API on behalf of the user use the Code flow.
In this case only difference between MVC and angular apps is that Asp.Net Core 5 MVC is a confidential client and you can use Code flow. But Angular 10 SPA client is a public client and you should you Code + PKCE.
It is although recommended to use PKCE in both cases.
If you just call an API through MVC and as the app itself and not behalf of the user, you can use Client Credentials flow. This flow is for server to server scenarios and it is secure.
In this case you should do authorization for MVC app as well.
Currently, we are running MVC 5 application with form authentication(.ASPXAUTH) and now we are building a new part based on .Net core MVC 3.1.
and we are hosting the MVC 5 application on https://test.admin.com:80
and .Net core MVC3.1 application on https://test.admin.com:82
Constraint: User will be login to MVC 5 application (i.e https://test.admin.com:80)
form authentication(.ASPXAUTH) will happen, based on some condition they will be redirected to core application(https://test.admin.com:82).
Now the requirement is to consume API's (MVC 5) from the core application so I need to read the .ASPXAUTH cookie in the core application to authorize the API (MVC 5).
Is it possible to read the .ASPXAUTH cookie in the core application??
Thanks in advance.
I have two ASP.NET web applications.
A legacy web forms application built using .Net Framework 4.6.1 with a Membership Provider
An AspNet Core application that uses Core Identity 2.1
The two web applications comprise the overall web application.
The plan is to have both applications hosted in IIS and allow the Core web application to manage authentication/authorization for both web apps.
I have already implemented cookie sharing between the two applications using an OWIN startup class in the web forms app and corresponding middle-ware in the Core app.
The flow is as follows:
The requests coming into the webforms application will be intercepted by a Http moudule which will redirect to the AspNet Core login form if the user is not authenticated.
Once the user enters their credentials in the Core Login form, they are redirected back to the Web forms application Home page or whatever other page as if they had logged into the app directly.
The issue I am currently having is that I haven't been able to find a programmatic way of authenticating the user as though they had submitted the Login form in the web forms app.
Is there a way to programmatically authenticate a user by using the Membership Provider via Core Identity?
We are building ASP.NET MVC core web app and accessing data through ASP.NET Core Web API.
We have to give authentication and authorization to both MVC Core and Web API Core side.
If user is authenticated in MVC core web app then while accessing the data on web API core it is should not again authenticate. If user is directly accessing the web API then it should not allow and ask for authentication.
We also want to give authentication through Google.
For WebAPI I suggest token based authentication, Google support OAuth.
I suggest you take a look at the following link:
https://stormpath.com/blog/token-authentication-asp-net-core
There are some community-led efforts to build rich token authentication functionality for ASP.NET Core:
AspNet.Security.OpenIdConnect.Server – Similar to the OAuth Authorization Server middleware for ASP.NET 4.x.
OpenIddict – Wraps OpenIdConnect.Server up into an easier-to-use package that plugs into ASP.NET Identity.
IdentityServer4 – A port of Thinktecture IdentityServer3 to .NET Core.
All of them have sample MVC and API apps. Enjoy.