ASP NET Web API token authentication

Video Statistics and Information

Video

Captions Word Cloud

Reddit Comments

Captions

this is part 20 of asp.net Web API tutorial in this video and in a few upcoming videos we'll discuss step-by-step how to implement token-based authentication in asp.net web api using owen middleware and identity framework of n stands for open web interface for dotnet will discuss more about even middleware in a later video so here is what we want to do we are going to make use of this employee's table on the left in this demo we want to retrieve data from this table and display it on a web page only for authenticated users as you can see right here in addition we also want to provide a registration page using which new users can register with our side once registered they can use those registered credentials to login to our site and see the employees data our registration page should look like this we need three pieces of information from a new user to register with our site we need their email address password and confirm password now let's try to register using this email address good when Curt at gmail.com let's provide a password and confirm password let's click the register button notice we are getting a validation error I've already registered using this email address and that's the reason why we are getting this error good wented at gmail.com is already taken we can dismiss this validation error by clicking this little cross right here now if I use a different email address could rank at 1 0 at gmail.com and when I click register notice we get registration successful when I click close on this it automatically redirects me the login page and now I can use the email address using which I have just registered and login to our site so now I am redirected to data dot HTML the system knows I am logged in and that's the reason why it displays this log off button here we have load employees button when I click on this button we get the data from the employees table at this point if I navigate to register dot HTML and then if I come back to data dot HTML it still knows I'm logged in and it takes me to the data page we have the log of button we also have the load employees button now when I click log off I am logged off and it automatically redirects me to the login page at this point if I try to go to data dot HTML page look at that it automatically redirects me to the login page because I am not logged in and if I try to provide an invalid username and password it displays a validation error the username or password is incorrect so we need to implement these three pages registration page login page and data page now we are going to make use of event middleware and identity framework to achieve this in addition to oven middle there and identity framework we'll be using a few other technologies we'll be using a speed or net web api ad or dotnet entity framework sequel server bootstrap and jQuery if you're new to any of these technologies please watch the respect to playlist from our YouTube channel and here is the link to our youtube channel where you can find all the playlists i'll have this link available in the description of this video so the first step here is to create the employee's table and populate it with test data i have the secret script for that right here i've already executed the script i'll have it available on my blog in case you need it so when we select data from the employees table we get all the test data the next step is to create the web api service which is going to retrieve data from this employee's table so let's flip to visual studio now in visual studio click on file new project under visual c-sharp select web asp.net web application and let's name our project employee service click OK on the screen web api and set authentication to individual user accounts if this is set to anything else click Change authentication button this shows us all the different authentication options that we have so make sure you select individual user accounts and click OK the individual user accounts option uses membership database the new users that we register with our application will be stored in that membership database we'll discuss more about the membership database in a later video in the series so at this point click ok this is going to take a few seconds to create our Web API project there we go the project is created now let's add a devoted entity data model which is going to retrieve data from the employees table so let's right click on our employee service project add new item select data ad otorten entity data model let's name our data model employee data model click Add we want to generate the model from the database so select entity framework designer from database and click Next we want a new connection so let's click the new connection button we will be connecting to sequel server on my local machine so the server name is going to be dot and then from this drop-down list select employee DB database which has got our employees table and let's click on test connection test connection succeeded click OK and now let's click Next this screen is going to show us all the tables views and stored procedures that we have in our employee DB database so we want this employees table click finish this is going to generate the ato dotnet entity data model for us the next step is to add employees controller so let's right click on the controllers folder add controller select empty Web API - controller and then click Add let's name our controller employees controller and click add there's going to add employees controller with our employees controller we are going to have a single public method which is going to return us I enumerable of employee objects now if you're wondering where this employee object is coming from it's coming from our ATO dotnet entity framework the employee data model that we have just created has got the employee entity right here so we are returning ienumerable of employee objects from this method this method is going to respond to a get request so let's name this get now we are going to create an instance of employee DB entities so this is the database context class which is going to help us connect to the database and retrieve employee entities so let's create an instance of this class using employee DB entities let's call this entities equals new employee DB entities then all we want to do here is return the list of employee objects let's run our project now by pressing ctrl f5 we are on the home page right now let's navigate to slash API slash employees notice we see the list of employees at the moment this request is not authenticated but we are still able to see the list of employees that's not what we want we want only the authenticated users to be able to see the list of employees so let's slip to visual studio and decorate our employees controller with authorized attribute let's give our solution a build and when we reload this page notice we get authorization has been denied for this request since the employees controller is decorated with authorized attribute all the actions within this employees controller need to be authenticated otherwise we get this four zero one error authorization has been denied for this request in our next video we'll discuss implementing new user registration page once a user has registered with our application he will be able to log in and view the employees data thank you for listening and have a great day

Info

Channel: kudvenkat

Views: 428,323

Rating: 4.5306273 out of 5

Keywords: asp.net web api 2 bearer token, token based authentication web api c#, asp.net web api authorization has been denied for this request, asp.net web api authorize attribute, asp.net web api bootstrap, asp.net web api authentication token example, web api individual user accounts, token based authentication using asp.net web api 2 with owin

Id: gkWb7yQb6ro

Channel Id: undefined

Length: 9min 0sec (540 seconds)

Published: Mon Nov 28 2016