An website created by Node.js/Express.js. Authentication provided by Passport.js. After login Express.js creates cookie.
Subdomain will be created with .Net Core. And it if found cookie, has to automatically authenticate user.
I know .Net Core Identity.
But I can't get any information in Google about this solution.
How .Net Core app can authenticate if cookie is founded?
Related
I am trying to create an ASP.NET Core Web API project with role-based authorization, but there isn't any guide or article about it without using ASP.NET Core web app and razor pages which I don't want to use because I am making my own UI in angular. But also I want to do all logic behind authentication and authorization on BE.Is there any guide for step-by-step implementation of role-based authorization?
I have 3 roles: sysAdmin, employee, patient.
I have only one option for authentication and authorization and that is checking if session is expired for that account, but how do I hide content for that user?
When we have a web app, we can let users sign in and the request are all inside the server, so the cookie which contained user information can worked well for authorization. but when you have a SPA + web api, they usually use access token for authorization. and that's why I share the link with you, it showed how to authenticate the SPA.
I have a Blazor Server app which wants to connect to a .Net Core WebApi. The app should send an authentication request and the WebApi returns a JWT containing user data. For any further communication with the WebApi the JWT should be used to authorize against it.
I'd like to ensure that only authenticated users can access the server app. If someone is not authenticated he or she should be redirected to a login page.
Up to now I've used a combination of default Identity with AzureAD authentication.
Is there any option to have a JWT authentication working the same way?
I have selected Individual User Accounts while creating Blazor application. I have no idea where I can modify the Login page that was created, the file with source dode is not available anywhere.
How to modify Login page in that scenario?
When choosing your configuration the created template gets delivered with IdentityServer and ASP.NET Core Identity. IdentityServer makes the Endpoint OpenID/OAuth compatible. This is needed for the Blazor WebAssembly app to streamline the process of getting a token, validating it etc. ASP.NET Core Identity is used to save and retrieve the users from the database, loging them in by setting a Cookie and checking the correctness of provided passwords, hashing them etc. This link answers how you can modify the default Razor Pages delivered when an app with ASP.NET Core Identity is created.
Where are the Login and Register pages in an AspNet Core scaffolded app?
I already setup the MVC external login with my own OAuth2 provider. It seems the default "ASP.NET Identity" will still create the user locally (Using the default Entity Framework DB).
Is it possible to avoid this and completely leave the authentication to the external party? Like the Windows Authentication or JWT based WebAPI.
I tried to follow Use cookie authentication without ASP.NET Core Identity but it goes nowhere.
I've created a mvc web application that uses openid to authenticate with Azure Ad and get the claims along with the token. I'm interfacing with Web Api to do the business transactions. The web Api is configured to oauth bearer tokens.
I've created separate oauth clients in Azure Ad for the Web App and Web Api. I'm able to get a token for Web Api from the Mvc Controller using AuthenticationContext to send to request to Web Api. I need to know how I can send the current User Claims as well to the Web Api. The claims in the Web Api are not having the claims of the User from the Web App.
Let me provide a bit more context here. I've created a MVC Web Application and a Web Api layer. The MVC Web App is configured to use OpenID authentication using Azure AD and I've configured the Web Api layer to authorize using OAuth Bearer tokens. The actions in the Web Api layer will be called through ajax requests and the bearer token will be added to the header of each Ajax requests. When the User is authenticated in the Web App, additional claims are added to the User on top of the claims from Azure Ad. I'm able to create a token for the Web Api layer using AuthenticationContext.AcquireToken, but the token for Web Api does not have the User info from the Web App.
I'm taking a wild stab in the dark here, based on what I think is happening.
Claims are attached the user, so theoretically, any claim you add in one place should be available in the other, as long as both applications share the same user datastore. However, claims are loaded at the point of authentication and not dynamically updated. As a result, if you're already logged in to the web application and you add a claim with your Web Api, that claim will not be available on the web application side until the user is re-authenticated.