Angular 6 with JWT and Refresh Tokens and a little Rxjs 6

First Adjustments So before we get to the Angular code, I did update my Api code just a bit to both enhance our Values calls a little and also had to add to add some Cors configuration in order for the Angular UI to call into my Api and last, to update the Refresh Token call to send back a…

Read more »

Sql Server 2016 on Docker for Development

No Sql Server installation required! I have searched and found a way for me to run the developer version of Sql Server 2016 on my  SSMS on my development machine and I can spin up my Sql Server instance (or additional instances for that matter) whenever I need.  And when I don’t need it, Sql Server is not still running…

Read more »

Refresh Tokens in Asp.Net Core 2 Api

So you are now Authenticating your user and providing Authorization via the Jwt (Auth) token.  Now you don’t want your Auth tokens to live for really long periods of time, and you certainly don’t want your users having to re-login to your app every 30 minutes.  But for safety, how do we get around this? Refresh Tokens A refresh token…

Read more »

Validation in Asp.Net Core 2 Web Api

Looking back at our two endpoints in our AccountController class I hope you remember that we didn’t do too much to insure that the client sends us correct data.  In fact, as it stands right now, if a client sent us bad or missing data, our Api would just throw an application exception and we get back an ugly IIS…

Read more »

Capture Tenant in Asp.Net Core 2.0 Web Api

Let’s now capture the Tenant in our code.  Here I will be using the domain name of the web site the app runs on to determine who the Tenant is.  Normally you would capture domains names like “customerA.apothecaric.com” and “customerB.apothecaric.com” and you then determine which Tenant the user belongs to. Set Up Data For Development In our immediate case we…

Read more »

Authenticate and Authorize With Jwt Tokens In Asp.Net Core 2 Web Api

Finally! Let’s see how we “login” our user and make requests with Jwt tokens and have other endpoints protected from access without a valid token. Start With The Configuration File To set things up, lets add a few entries into our appsettings.json file.  Let’s add some Token settings to the file.

For our Tokens config, we want to set…

Read more »

Register A New User In Asp.Net Core Web Api

Here is where we get into the meat and potatoes a bit more.  Let’s start adding some endpoints and get our Auth and Auth underway. Start by adding a new, empty Api Controller to your Controllers folder.  I have named mine “AccountController”. Controller and a Register Method Here is my basic Account Controller with a Register method added in:

Read more »

Add Multi-Tenancy to Asp.Net Core Identity

Now I think it starts to get a bit more interesting.  I would like my API to be able to handle Multi-Tenancy.  For this situation we need to add a whole new class/table to Asp.Net Core Identity.  It is not as bad as it sounds. Create the Tenant Let’s start by creating a Tenant object. And let’s look at that…

Read more »

Customize Asp.Net Core’s IdentityUser

In the last post we set up the Asp.Net Identity database and saw that our tables were all created for us.  There is a lot of fields in the AspNetUsers table but if we do a bit of forshadowing….we know that we will need some extra fields. I would like to show the user’s name when they are logged in…

Read more »

Set up Asp.Net Core 2 Web API to use Asp.Net Core Identity

Pure API Project I wanted to do a series on using Asp.Net Core 2 and Asp.Net Identity and expand that and customize it quite a bit…. but… Only using an Web API project.  I could not find anything like that.  Every other post I could find on the subject would mix in an MVC project and things got confusing. If…

Read more »