ASP.NET Core Angular Authentication with Identity & EF Core

Captions
Some time ago I asked people what kind of authentication setup they would like to see with ASP.NET Core, and people said Angular with cookie authentication, using Identity framework with Entity Framework, so that is what we're going to be covering today. I'm going to expect you know at least some ASP.NET Core, which some of my previous videos, and, you know, Angular, hopefully more than me, because I don't do Angular. Without wasting too much time, let's go ahead and get started.

The setup is pretty minimal. Program.cs is pretty much empty, where I just have an extension method on the web application builder that is setting up a proxy to my SPA application. If you don't know how to do this, go ahead and watch my videos about ASP.NET Core and SPA setup; the link is going to be in the description. Nevertheless, I am creating an API group, and all of the endpoints that I'm going to be putting here are not on the app but rather on the /api endpoint. That's because all of the other routes are going to be within this client library, which is an Angular SPA application. I have both applications running in the terminal: this is a clean .NET Core application and this is an Angular application. This is what it currently looks like: we got a couple of links here, although no routing has been set up, so the application is pretty minimal. All I've done is cleared out the template and I've added a couple of routes. In my app modules I have also set up the HTTP client, because we're gonna be sending credentials back and forth; we're gonna need to log in, essentially. And then for my app routing, nothing is set up over here.

First of all, we're going to set up three main components of authentication, that is registration, log out, and then signing in. What I'm going to do on the client is I'm gonna open up a new terminal and I'm gonna use the ng generate command, so if you don't know what ng is, perhaps this video is not for you. I'm going to generate a component, and this component is going to be login. I'm also going
to generate one for register, and then I'm going to generate a service, and this is going to be my authentication service, so I'm just going to call it auth. Now I'm going to collapse the terminal, and I have my login page, I have my register page, and I have my auth service, which is marked provided in root, which should make it global.

The authentication service is going to be core to what we're trying to do, so I'm going to inject a private HTTP client into here, and we're going to have three functions: load user, login and register. These are the things that we want to perform, and if we actually want the functionality for this we should implement the endpoints on the back end. So let's go ahead and add the following three endpoints: user, login and register. For the user endpoint, we're going to convert the current user and his claims to a dictionary and we will return this. For the login endpoint, we're submitting a login form with username and password. We're not consuming the password just yet; we're starting off simple. We just want to create a cookie, and we're signing in with the cookie authentication schema. In order to be able to actually sign in with this, at the top, for the services, we will need to add our authentication. This is going to be the default cookie authentication, and it's going to point to the services that are registered by the AddCookie method, and this is going to say cookie as well. So we identify the functions with the cookie authentication schema, we're saying that it's the default authentication schema, and then here we're signing in with this authentication schema. For the registration, we're going to leave this as to do, and then we will duplicate this, create a logout endpoint. On here, the results, we will call sign out, and for the authentication schemas let's provide a list of strings where we're just going to say that we want to sign out of the only authentication schema that we have, which is going to be cookie.

I like to keep my endpoints clean, so I'm going
to take out the functions into their own files. So inside my solution I'm going to create a directory for endpoints. Inside endpoints I'm going to add a couple of classes, like the user endpoint. I'll move the handler to here, and on the other side all I have to do is specify that for this endpoint I am using the user endpoint handler. Now I'm going to do the same for the other endpoints. Here is my login endpoint, I'll leave register alone for now, and here's my logout endpoint, so our Program.cs ends up looking quite neat. The last thing that we need to do is go into this build with SPA extension that we have set up over here and attach the use authentication middleware. Even though we're using .NET 7, we have to attach it manually because we ended up overriding the whole middleware.

Come back to the auth service, close everything else, and accidentally close the auth service, and now we want to start implementing these methods as well as the log out. First of all, we'll load the user from the user endpoint, quite simple. Here's the final login endpoint; it looks quite simple as well. One thing that we need to not forget is to specify the options and say with credentials set to true. This is going to make sure that the cookie that is going to be returned is going to be automatically stored in the browser. One thing to note: I've set this up as post, and I think in Program.cs over here I said login to be get, so let's change this to MapPost. For register it's going to be the same, and then log out we will leave it alone, but we want to make sure that only authenticated users are going to be hitting the logout endpoint, so we add require authorization. In order to be able to use this we need to register authorization, semicolon on the end, and then inside build with SPA we got to make sure that we're using authorization, so use authorization middleware, in order for the services that have been registered over here to get triggered. If we don't specify policy, this is just going to make sure that the
user is actually signed in before trying to reach logout. Coming back to the auth service, for the logout we just want to hit a get endpoint, and I think that's it for now with the auth service. We'll leave register alone.

We'll take the auth service and we're going to take it to our login page, so login component. We will specify providers, auth service, in here. Let's get a constructor going, private auth service, and then of course a proxy function where you would have some of your validation living, etc., and the neat little form. I'm using fields for each individual thing; you want to bring in a typing or use TypeScript, I'm more of a JavaScript person myself. Let's get a login form going. There we go, a humble login form. I'm now gonna go into the main component, and the HTML over here, I'm just going to add a button for logging out, and there's the logout button. Let's see how good the IDE is. So the log out, you know, I wanted a function, but that's not quite it, so it can't figure that part out, but let's create a logout function. We will need the auth service for this, again proxying the function call and making sure that we specify the provider. Not sure what this squiggly is, but I'm pretty sure it's all right. So inside app component let's just make sure we got the parentheses over here.

We're going to come back here, refresh, and we got the page. So as always, open up the developer tools, the network tab. Let's go to the login page. I haven't set up the routing, so let's go ahead and do that. Inside app routing module let's go ahead and slap on a path login with component login component. Let's do the same for register. There we go. Let's give this a refresh, go to login. Let me double check that I don't have any cookies stored just yet, so I'm going to clear everything out. Back to the network tab, we'll have Anton, password one. I'll submit the form, and when I click nothing is happening, even if I have the all selected over here. No errors in the console, so I must have messed something up. Let's go to the login
component. OK, so submit, let's instead use click, and that wasn't what I wanted. There we go. Before I log in I'm gonna clear everything. Let's log in. There we go, so in login I have the set cookie, so the cookie should be set in my browser. I'm gonna go to application, I'm gonna see the cookie, perfect. If I log out, the cookie is being deleted, and that is because if I go to the network tab I'm gonna see the logout call, and in the response header I can see that it is asking me to remove my cookie. Cool, so let's log back in. I should have the cookie now.

Let's implement the user fetching. So when your application is going to load it should fetch the user, and during the construction of the auth service, I don't know how terrible this is going to be, so let's actually just clean this up a little bit. We're going to return this from here and we will just call this load user from the beginning. Before we assign the user let's also console log it, so console log user, and then assign this user. We're going to come back, so we're loading the user and the username as empty. So first of all we're loading the user twice, and second of all the model binding has perhaps failed us, so let's double check what is happening. If we come back to the network tab, the history is saved. If we go into login and we take a look at the payload, this is just my inability to Angular, and I've not actually submitted any information when I was logging in, not on the first time, not on the second time. So C# is still working; let's figure out what is happening with Angular. So we took the auth service, we have registered inside app modules, or no, we didn't, so anyway I think register the auth service over here so it's globally available, and then we don't attach it in the providers anywhere else. So we're gonna go into the login form over here and remove the auth service from here. Well, we'll come back, and now if we take a look in the console we are loading it only a single time.

Let's fix the login form. After looking this up I have
gone ahead and seen ngModel. Looks like I will need to import NG forms module, and Rider is carrying me, so I'm happy with that. Let's come back. I'm going to re-sign in as Anton, clear everything, log in, and now we're submitting information. If I look over here and I refresh, Anton is now part of my user information, so the user is loaded on startup.

The user can be loaded after we log in. I don't know the idiomatic way to do this, but if I go into auth.service.ts, let's say I'm logging in over here and this has happened, I want to go ahead and call this load user, and this should work just fine. If I come back over here, let's go ahead and clear or even log out, so if I refresh I should get something that looks like empty. I can check for presence of a user ID, but let's say Anton, password, login, and the user will automatically be injected. I can then redirect, so on and so forth.

Let's implement the user ID check, so I'll have something like this. You can put additional functions that are going to represent if the user is signed in or not. I will go into the main page and I'm just going to output the user from here, so I will need to proxy this from the auth service. I assume we're going to be looking at something like this, and I'm expecting this to crash, and it does. So what you really want to be doing is in your app.component, this is going to be your centralized first initialization stage, you want to place something like ngInit or whatever it's called, so this ngOnInit. Let's go ahead, put it over here, refer to auth and initiate the login right over here. So this auth load user, we're gonna do it right here, and we're gonna remove the load from this constructor, which wasn't very good anyway. So let's refresh. We're still going to get an error because the subscription hook is asynchronous. After looking this up, looks like they want me to rely on the firstValueFrom from the RxJS library, so this function right over here, I gotta grab this call and put it over here. This now becomes an
awaitable promise, a const user, and then take this if statement logic over here, place it over here, and perhaps return the user. I think I'm okay to leave this promise over here dangling. If somebody knows how to use the HTTP client better, please make sure that you suggest it to other people in the comments. Now back to the app.component.ts. When I load the user let's make the function asynchronous, await, and I'm gonna get the user on the back of this, but I'm gonna ensure that when this component loads all the other components are going to have the user. So I'll assign the username by doing something like this, maybe shift the username over here, format everything, and then display the username besides the login button or the log out button, so a good looking username. And now let's take a look at this, and there we have it, so refreshing, basically the user gets loaded right at the beginning.

Now will be a good time to transition from our mock authentication to real authentication with Identity and Entity Framework Core. For this we're going to go into Program.cs, and actually I'm going to take this login form and move it to the login endpoint over here, close this off, bring out my NuGet package manager and bring in Entity Framework Core. I'm going to add this to angular. I'm going to also add Postgres, so Entity Framework Core PostgreSQL, add this over here as well, and then the design as well, because I'm going to be needing to add migrations. I'll collapse the NuGet package manager. Let's quickly take a look at the csproj: I'm gonna have the following packages as part of Entity Framework Core. I'll close this down. We will go and sit somewhere above authentication, where we will say builder services and AddIdentity, and here we will have to specify identity user with identity role, I believe, and then we will need to link this up with Entity Framework, so let's add Entity Framework or something like store or DB context. I believe I'm missing a package, so entity and identity. I'm going
to search for Entity Framework and scroll down a little bit, and I'll find the Microsoft.AspNetCore.Identity.EntityFrameworkCore package. I'm going to add this to my project. Let's collapse this down, and now I should have the extension to set this on a DB context or Entity Framework stores, and for this I will actually need a database. So let's go ahead and add a directory called data, and here I'm going to add my database with the database class. I'm going to make it extend from DB context, or better yet identity DB context, where it's going to be storing identity users.

If you're not familiar with Identity framework, the identity DB context will come with a bunch of things, so it will inherit from a class which inherits from a class which inherits from 10 other things, but ultimately this is going to contain the DB sets for storing things like roles, claims, users, etc. So with this database, if we just quickly test this out, we don't need to pull this anywhere, this to Program.cs, if we have this database over here and we do dot on it, we can access users, user claims, we can do all of this interaction ourselves. However, when we're registering AddIdentity, and if we follow down the chain of these methods and look further down, we're gonna see services like user manager, sign-in manager, role manager, a bunch of these services. All they're doing is they already have pre-built functionality to interact with an identity DB context, and because your database inherits from it, it is an identity DB context. So all you have to do now is link identity to this database and register this database as a DB context with the services, so add DB context database. We'll also need to add a default token provider. So our Identity framework is linked with the database and the database is now registered.

We now need a connection string, so I'm gonna go into app settings. I'll create a connection string section; here I will specify my default connection string. Then coming back to Program.cs, for the configuration
over here I will say I want to use Npgsql. Inside I will have to supply a connection string, which will come from builder configuration and get connection string, and we're getting the default connection string. And now all is left to do is to run the migration, so let's open this up. We're going to use dotnet ef migrations add identity. Looks like I'm not referring and seeing this package, so let's listen to Entity Framework and get the correct package, another relational one, just the design one, so let's get that in. I have a feeling I have brought that in as part of the PostgreSQL design, so let's actually get rid of it. I'm going to remove that from the csproj, come back to Program.cs and make sure that this is installed. It should be. Bring back the terminal and rerun the command, and I get a pretty ugly error: no database provider has been configured for this database context. And that is just because I haven't actually generated a constructor, so let's generate some code. We're going to get the constructor with the DB context options; this can be a generic type, and we're going to specify the database here. Let's rerun the command. Now update the database, and looks good to me. Let's just restart our application, and looks like everything is still working.

Now with Identity framework it is important to realize that if we open up AddIdentity and again we go down the chain, it is adding add authentication on our behalf, so we don't actually have to call this function anymore, and it also adds a bunch of cookie authentication schemas which we really don't care about. It is going to be this cookie authentication schema that is going to take care of most of the stuff. So let's come back into Program.cs, and we're going to remove the authentication that we're adding over here. The user endpoint can remain as it is. However, the login endpoint, if we go into the handler over here, in addition to the login form we want to supply a sign-in manager for the type of identity users, so this is just going to
be a sign-in manager. Let's also give this function a body. Whatever we've been doing over here is now implemented under the hood in the sign-in manager, using the sign-in manager sign in password async. So from the form we're going to grab the username and we're going to grab password, and then you can see this isPersistent flag. This is the same as having this isPersistent flag over here, although now it's going to be supplied as a parameter in this function. We can say we want it as true, and all that this isPersistent flag is going to do is it will make sure that the cookie stays in the browser after you close it. The last flag we will supply as false; if we hover over we will see that it's lockout on failure. If you need that as true, configure it as true. Let's go ahead and put await over here, and there is going to be a result. If the result is successful, return OK; if the result is not successful, let's return a bad request.

But we'll clean up the imports, we will copy the whole class, and we're going to create a register endpoint now. So register endpoint, paste everything in here, clean up the file a little bit, change the form so we got password and confirm password. You can implement whatever validation you like here, fluent, attribute; I'm gonna roll my own if statement, next level 3000 validation extraordinaire, you know what I'm talking about. Here in addition to the sign-in manager we want to bring in a user manager. A user manager is another type that is provided to you that is specifically managing the entities in the database. A sign-in manager is integrating with all the authentication handlers with regards to dealing out the cookies and all of that. The sign-in manager internally is actually going to use the user manager. So let's go ahead and specify the user manager over here. We will use the user manager to create async, and we have to supply a user over here, so var user equals new identity user, and we can give this user a username from the form.
Let's create the user, and the second parameter can be password. Await on this; this is going to have a result, and let me scroll down. If we fail to create a user, let's short circuit. If we've managed to do it successfully, let's sign the user in. We don't need to reuse the password; we can just take the user that we have just created and supply that instead of the username and password. We can also just say that, sign this user in, and the function signature looks different, so let's open it up. We'll see that we supply a user, persistence and authentication method. For some reason they decided to stop going with authentication schemas and they're saying authentication method. Let's remove this, we don't need this. There is going to be no result over here, and we are going to return OK. Other things that you can do here is if you have email confirmation, send an email and then wait for the user to redirect to your application to confirm their email, so on and so forth, and only sign the user in at the login endpoint rather than at the registration endpoint. That is something that you can do; I'm not going to be doing it here. Let's go to the top here, we'll take the register endpoint to Program.cs, and we're going to specify the handler over here.

Going down into the logout endpoint, we can keep the function pretty minimalistic as we currently have it, although we will need to specify the sign-in schema, which is pretty much buried somewhere here in that identity. So if you never open it up you're not gonna know to put in the specific string, which is going to be looking something like this, so cookie prefix Identity.Application. You're not going to know to use this, right, if you don't open this up. So the way that you sign out is you have to bring in the sign-in manager, and if we actually take a look at the sign-in manager over here, right, you have sign out async, which is what you want to do. Let's go to the logout endpoint, let's bring in the sign-in manager. We're gonna take sign-in manager, let's just
call sign out async over here. We're gonna transform this into a proper function, well, while I await on it, and we're going to return a result OK. And there we go, isn't that pretty. This setup is pretty much done. Let's see if the application restarts. So it looks like we got a couple of warnings, but you know, it works. So let's take a look in the application cookies. Let's clear the cookie, we're going to refresh, and we don't have the user.

I don't think I have a registration screen, so let's quickly make that. I'm gonna go down to client src, I'm going to close all of the windows not to confuse myself. I'm gonna go into login, copy the form, go into register HTML, paste the form over here. I'm gonna bring in confirm password, and confirm password over here. I'm gonna go into login component TS, I'm going to copy everything in up to the constructor over here, go to register component TS, paste everything in, make sure I bring in my confirm password, confirm password over here, duplicate this line of code, right, just copy pasta everything. Instead of login I want to call register, and if I go down to the register function I'm going to copy login form, put it over here. This is now going to be register form. I'm going to do the same post; instead I'm submitting register form, and I'm also going to be calling to the register endpoint. In the end this is also going to load a user. You can return the user from these endpoints that you're signing up and logging in at, so instead of just returning OK, return the user, and then you don't need to make the additional call. You can do that as well, completely legal.

Let's come back to the application, we will go to the register page. There we go, so let's say Anton, let's do one like this. I don't know if I'm getting validation or not, so what are these? These are bad requests, so I think I'm hitting validation. Let's put this here, and we're still failing, so this can be for many reasons. Partly this could be due to Identity framework configuration. We're going to go over
here and we're gonna have some options, and what you want to do is you want to specify some sensible development options in your builder. So if builder, you're going to find the environment, and you can say if the environment is development, let's say that on the options a user require unique email false, and then on options password you want to disable all of this crap, so require digit, so you do something like this just to make your life a little bit easier. Let's come back over here, and let me copy password one, and everything deleted. Thank God I have managed to copy it. So let's log in, and there we go, the registration has been successful.

However, the user next to the log out button has not been updated. I'm pretty sure if I refresh we still don't see the user. If we take a look, we got the payload, so the schema, basically the claims, you know, Microsoft claims, they look different, so if you actually want the username you will need to map it to something sensible. But let's say, yeah, we'll take this, we want the name. So when I open up the application ngOnInit, I want to grab this user claim and assign it here. Again, take your user, map it to whatever data structure you want. Currently if I want my data being displayed really pretty, that is what I have to bring in. Also I don't know exactly what I'm doing over here, how reactive this is; if it is, then well, no problem. Also, just for pedantic reasons, let's go into the register page, so register component HTML, let's make sure we call this register form. While we are signed in here, let's log out, so we cleared, and yeah, this is not reactive, so if I refresh this should be gone. If we go into login, and just quickly on the reactivity thing, you know, if you're an Angular master you're gonna have no problem setting up this reactivity in the view. We have Vuex, you know, whatever reactive global state you need to set up for your services, please do it. If you have some library for centralized global storage I would highly recommend you store your
user information in that. And here let's go ahead and try to sign up. That is copied code, so hopefully I remember my password. Log in, and I do not. Was it one? Enter doesn't work, and it was one, so let me copy it over. There is the cookie, and again if I refresh I should have the user.

The last order of business will be to actually bring in some data and store it in the database. So let's go to the database, we will create some models. We have a project, and then the project may contain some work tasks. The point here is to see how can we authorize access to a project using ASP.NET Core. So let's register these entities with the database, and now we want a user table, so public class project user. You can also call this project access, so what kind of access does a user have to a project. This is going to look something like this, and there we have it, so hopefully Entity Framework can support this. We'll say project users.

We'll go down to Program.cs, we'll grab the API endpoints variable, create some space and start putting the endpoints over here. So we can list projects, we can try to go to a specific project, we can try to add users to a project, so just because a user can look at a project doesn't mean the user can add other users to a project, and finally what I would like to see is promoting a user to somebody who can now start adding users to a project. We will add a promote endpoint which is going to allow us to promote a user, and also I forgot the user ID on here. I'm gonna make sure that this is a MapPost, as well as the promotion call. I'm going to do the same thing with these endpoints as I've done over here and create these endpoints in this endpoint folder over here. I'm sure my face is hiding it, but rest assured I will create these classes over here.

Here are my project endpoints, specifically the list endpoint. I'm injecting the user, the database, getting a user ID based on the name identifier claim types, and then I have a mismatch between the user ID that I get over here, which
is going to be a string, and then a GUID that I'm storing in the database, so let's just store a string in the database. Come back to the project endpoints, grab the project endpoints class, come back to Program.cs and place list right over here. We're now going to attach some additional endpoints. For the get endpoint we're attaching an ID and then we're also filtering based on this ID. Let's take it to Program.cs, attach the get function. Let's create the add user endpoint. Here is our add user to project function: it takes a project, adds a user, saves the changes, returns OK. Let's take this function, Program.cs, same spiel, assign it to this endpoint.

And before we talk about promoting the users we need to understand what kind of permissions are going to live here. If you're trying to list the projects you're going to require authorization. If you're trying to get a project you're going to require authorization. Now the important thing here is on the get endpoint our authorization rule is this where statement right over here, specifically it's here. On the list endpoint as well. What we can actually do is take this where, remove it from here and shift this logic to an individual authorization handler and an individual requirement. I would highly recommend that you do not do this. Do not force your business rules into the ASP.NET Core framework. Only use the framework for specifying policies, like for example you're trying to upgrade the user and this is going to be a manager policy. So let me hide the solution view over here. So when we're going to promote a user, what we're really doing is we're enabling that user to now add users to a project, and the only reason that you would do something like this, where you are actually relying on the authorization with the ASP.NET Core framework, is because this is very easy. However, this is still stored in the database. You can still do this validation on your endpoints; you don't need to cram this logic into requirements, into authorization handlers,
etc. Remember that your database is an identity DB context. When you're going to be elevating privileges you're going to be adding stuff to the roles tables, to the role claims tables, etc.

Let's come back to Program.cs and let's create our promote endpoint. I'm going to bring in the solution explorer, I'm going to create a promote endpoint. Here's the promote endpoint where we promote the user: just submit the user ID, and then we find the user and give him a level claim, where the value of the level claim is manager. So now based on this we need to create our authorization policy. We'll take the class and make sure we attach the endpoint, so right over here, promote endpoint, promote user. Let's drop down the solution, and require authorization: only an admin may promote managers. OK, now in AddAuthorization here we're going to have options, and on the options we are capable of specifying policies, so add policy. First let's specify the manager policy. We're gonna have a policy builder, and the policy is only going to have a single requirement, that you have a level claim with the value of manager. If we copy this and create an equivalent admin policy, but we'll notice that if our admin has an admin claim we will not be able to reach manager, because the level claim is going to have admin, it's not going to have manager. So what we can do is we can say that the level claim can either be manager or it can be admin. If we hover over here we can see allowed values, where we must match one of these.

Now from the beginning we're not going to have a user that is going to be an admin, so we will need to pre-seed it, and I haven't added any of the logic for creating the project, etc.; we will need to seed that logic as well. There are a couple of places where you can do the seeding logic, either in the build with SPA, which is going to be a good place, so in here we will have the app after we have built it. So here we can grab app services, this is going to be a service provider, we can get required
service, like user manager for identity user, and let me make sure I scroll down so we have some space. This is going to be user manager. If there is no admin in the database we want to create the user and also give him a claim. Then we want to do the same with the database, so let's grab our database: if there aren't any projects we will add a couple of projects and save the changes. We will now grab the user, place the user right over here, make sure that we create them, and then when we're adding these users the admin is going to be there by default.

Now we have added a bunch of tables and stuff like that, so we will need to run migrations. Let's come back to this tab over here. I will bring up the previous migrations for projects, we'll update the database, I'll start up the application again. Looks like I get an error that I cannot resolve a scoped service. Let's create a scope; after creating a scope we want to be resolving these services from the scope, so service provider, and we'll do the same for the database. Let's restart the application. Looks like everything has launched successfully.

Again let's come back to the application, clear everything, drop down the terminal and navigate to the app. I'll add a page for projects, so ng generate component projects. Drop this down, a project is right over here, I think I named it something else as well. This is just gonna be on the home route, so coming back to the routing module, create a path that is empty and this is going to be a project component. Closing down app routing, we'll rename this to projects. We'll open project components.ts and HTML and start working with this. So first of all let's add a constructor, our HTTP client, and there we have it: when we load this page we try to load all of the projects. If we come back and we actually try to do it, so projects, we see that projects work and projects indeed was successful, and that is because we are authenticated. First of all let's actually clear this, let's log out, and we have actually logged out.
Let's log in as the admin. Looks like that has been successful, cool, and we're on projects. Let's render them in a nice looking list. Here is the HTML for listing projects. If we take a look at the HTML, we have it. Now I'm gonna spawn another window where I'm also going to sign in, although as a different user. I'll give this a quick registration and I'm going to go into project, so over here I'm not gonna see anything. If I go to the network tab and I get the user ID that I want to add, so let me just copy this. If I try to get the individual project it's not going to work for me. As I said before, you don't want to move that logic for getting individual resources into authorization handlers; I think that is not going to be very nice.

We're going to add an input form for adding a user to a project and also promoting. So there is the amendment: the input form for the user, we're going to promote him. I'll just add a click event over here, promote, don't need a parameter. On the other side, let me put this on here, actually I'll hide the solution view, and make sure that I add a user from the beginning, it's going to be an empty string, and then the promote and add user functions. So on the promote let's take about yay much. Let me remind what kind of endpoint we have: so this is a post and the add user is a post as well. We post and we're promoting this user ID. Instead of await I'll place a return here, and we do the same for the project, so slash projects: first of all we supply the project ID and then we add this specific user.

Let's come back to the browser, and actually looks like I have a bunch of errors. I'm guessing it's because we are not submitting a body. Let's close the HTML and submit null over here as well. Come back to the browser. I will have to specify that project ID is any type, goddamn TypeScript, and that looks good. So on the user let's again grab the GUID, I'll take about yay much. Let's see what happens if I try to promote myself: I'm gonna get a redirect to access denied, which is okay.
If I try to promote the user, in the network tab the promotion should have succeeded. I didn't get a new response but that is pretty much what you get. So if we refresh the project nothing is going to happen, because we haven't received the claims. Now you can use an IClaims transformer to keep loading the claims, or if you don't want to rely on the claims in the cookie or use the claims transformer you can always query the database, that is where the claims are. However, I'm gonna log out, I'm gonna log back in with test password, log in, go back to project, and navigating to projects we don't see them because I've promoted myself. And let's make sure we understand that promotion: OK, admin promotes, my manager can add. So now I can actually add to projects, but I'm not part of any projects that I can add to.

So for the user that we have specified over here, let's add them to project one. Looks like I have an exception of GUID user ID was not provided from the query string. Let's come back over here to the add user to project point. Over here, user ID to add, this is just going to be user ID, OK, so there's a name mismatch. Let's go to add to user ID project, let's put him over here, and probably could have this as string, no need to convert to string from GUID. Come back to Program.cs, remove the typo annotation. Let's come back to the front end, not this one, this one over here. Obviously I will need the user ID again, so let's go over here, grab the user ID, oh yay much, come back over here, supply the user ID, add user to the project.

So another cool little error: a null reference exception on line 41. So let's double check what that is: add user to project, line 41, users is probably null. I'm gonna assume that project has actually retrieved something. So on users over here let's just say that this is going to be a new list; the task is going to be on your list, you know, we don't want any surprises. Let's come back over here, and well, speaking of those surprises, we already had a couple of surprises, so
anyway, uh, let's take the supply the user ID, clear, add, and now the addition is successful. If we refresh now we have access, and this user, since he has been elevated to manager, I'm not going to show it, but will be able to add other users, because through the admin we already know that the logic is working.

And this will be it for this video: Angular authentication with Identity framework with Entity Framework Core. Identity framework services under the hood, like the user manager, the sign-in manager, they're all going to be using the DbContext under the hood, and all the other functionality of Results.SignIn or HttpContext.SignIn to produce a cookie or kick off the authentication handler under the hood. So if you've watched all my other videos you're gonna understand how to set this stuff up. So that's mainly on the identity management side and on the authentication.

Particularly on the authentication, let's quickly mention the login screen: generally with Razor Pages you're going to see a form with CSRF tokens being posted etc. I would say you don't need to worry about the CSRF token and you just submit your credentials using JavaScript. So if you ever wanted a JavaScript front-end for your authentication component, now you can have it. I'm telling you there are no problems with it.

Finally, once you are signed in, we're coming around to authorization, which can be a little bit more complicated, and it can be complicated only if you make it. We've seen how we can protect endpoints based on claims and that is very easy. If we would have taken that resource access, that access to a task, and started jamming the rules for whether a user should be able to access that task or not into some authorization handler, creating requirements for it etc., things would start to get very messy. So when you're doing authorization, apply it to a group of endpoints rather than the individual resources or individual data access behind those endpoints. Don't force that part into ASP.NET Core. Otherwise this
will be it for this video. Thank you very much for watching. If you enjoyed it don't forget to leave a like, subscribe; if you have any questions leave them in the comment section. If you enjoy my work and would like access to the source code please come support me on my Patreon. Very very big thank you to all of my patrons that are currently choosing to support me, your help is greatly appreciated. As always, thank you very much for watching and I'll see you in the next video.
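Added example (not the video's source code): a minimal Program.cs sketch of the level-claim policies, the scoped admin seeding and the admin-only promote endpoint described in the captions. The policy names, the `/api/promote` path, the `admin` user name, the `Seed:AdminPassword` configuration key, the `AppDb` class and the in-memory EF Core provider are assumptions; it needs the Microsoft.AspNetCore.Identity.EntityFrameworkCore and Microsoft.EntityFrameworkCore.InMemory packages.

```csharp
using System.Security.Claims;
using Microsoft.AspNetCore.Identity;
using Microsoft.AspNetCore.Identity.EntityFrameworkCore;
using Microsoft.EntityFrameworkCore;

var builder = WebApplication.CreateBuilder(args);
// Assumption: in-memory EF Core provider so the sketch needs no database server.
builder.Services.AddDbContext<AppDb>(o => o.UseInMemoryDatabase("demo"));
builder.Services.AddIdentity<IdentityUser, IdentityRole>()
    .AddEntityFrameworkStores<AppDb>();
builder.Services.AddAuthorization(options =>
{
    // RequireClaim passes when the claim holds ANY listed value, so an admin
    // also satisfies "manager"; the "admin" policy accepts only level=admin.
    options.AddPolicy("manager", p => p.RequireClaim("level", "manager", "admin"));
    options.AddPolicy("admin", p => p.RequireClaim("level", "admin"));
});
var app = builder.Build();

// UserManager is a scoped service: resolve it from a scope, not from app.Services.
using (var scope = app.Services.CreateScope())
{
    var users = scope.ServiceProvider.GetRequiredService<UserManager<IdentityUser>>();
    if (await users.FindByNameAsync("admin") is null)
    {
        // Assumption: the seed password comes from configuration, not source code.
        var password = app.Configuration["Seed:AdminPassword"]
            ?? throw new InvalidOperationException("Set Seed:AdminPassword");
        var admin = new IdentityUser("admin");
        var created = await users.CreateAsync(admin, password);
        if (!created.Succeeded) throw new InvalidOperationException("Admin seed failed");
        await users.AddClaimAsync(admin, new Claim("level", "admin"));
    }
}

app.UseAuthentication();
app.UseAuthorization();
// Only callers whose cookie carries level=admin may hand out level=manager.
app.MapGroup("/api").MapPost("/promote", async (string userId, UserManager<IdentityUser> users) =>
{
    var user = await users.FindByIdAsync(userId);
    if (user is null) return Results.NotFound();
    var result = await users.AddClaimAsync(user, new Claim("level", "manager"));
    return result.Succeeded ? Results.Ok() : Results.BadRequest(result.Errors);
}).RequireAuthorization("admin");

app.Run();

class AppDb : IdentityDbContext { public AppDb(DbContextOptions<AppDb> o) : base(o) { } }
```

The claim is written to the database immediately, but the promoted user's existing cookie still carries the old claims until they sign in again, which is the behaviour seen in the walkthrough.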
Info
Channel: Raw Coding
Views: 13,133
Keywords: .net core, angular cookie authentication, asp.net core, identity framework, entity framework core, .net 7, angular, csharp, typescript, auth service, authorization
Id: bSWKhoOzBvc
Length: 41min 40sec (2500 seconds)
Published: Tue Jan 31 2023