Last post Aug 18, 2017 09:46 AM by firstname.lastname@example.org
Aug 16, 2017 06:33 AMemail@example.com|LINK
when you make a new asp.net core web api project in visual studio the authentication section is disabled. if you make a new asp.net mvc app with "individual user accounts" options the account management functions ( registration , password reset ... etc)
is wired to the web pages.
APIs need authentication too,no? so why i can't use the ready made authentication system for my new API project?
Aug 16, 2017 07:57 AM|Dmitry Sikorsky|LINK
It's because authentication in web API is not based on cookies and works not the same way like in usual web application with 'pages'.
Please, take a look at JWT: https://blogs.msdn.microsoft.com/webdev/2017/04/06/jwt-validation-and-authorization-in-asp-net-core/
It is designed to authorize users and applications in web API.
Aug 17, 2017 05:27 AM|Edward Z|LINK
Per to the Road map of Asp.Net Core, it will be supported on Asp.Net Core 2.0
A service layer will be added ASP.NET Core Identity and included in the project templates using Individual Authentication. This will allow authentication of users by way of JWT tokens such that Web APIs can be secured out of the box, and make it
simpler to change authentication systems, e.g. from in-app Identity to Azure AD B2C, or 3rd-party solutions like Identity Server.
.net Core 2.0 Preview has been released, and you could try to install VS 2017 Preview and .NET CORE 2.0 SDK to try this new feature, and you will find the Individual User Accounts is available option like below.
Aug 17, 2017 06:06 AMfirstname.lastname@example.org|LINK
visual studio says UseJwtBearerAuthentication is obselete , and link to the article https://github.com/aspnet/Security/issues/1310 which doesn't make any sense for me as newbie.
i need a asp.net core 2.0 book asap
Aug 17, 2017 06:18 AMemail@example.com|LINK
i am making a private api, that means user registration is done through me only. the employee comes to me i verify his identity (as an employee in the department) register him as a user in the system issuing user name and password.
the system that you mentioned depend on azure , our administration will never accept anything like that. on prem only :)
so i need a "ready made " system for authentication that store all data in the local database.any technical reasons why this can' be done?
it is unfortunate that the first wall that i have to penetrate in my journey in doing my app in asp.net core 2.0 is the identity and i have to documentation to learn from :(
Aug 18, 2017 02:23 AM|Edward Z|LINK
For Web application, there is Store user accounts in-app and connect to an existing user store in the cloud, for Web api, there is only connect to an existing user store in the cloud. I am not sure whether Store user accounts in-app will be added while Core
If you need this feature, I would suggest you submit a feature issue in Asp.net Github.
Aug 18, 2017 09:46 AMfirstname.lastname@example.org|LINK
I did , thank you