.NET Blazor | Authentication with Client-Side Blazor using Web API and ASP.NET Core Identity

Video Statistics and Information

Video

Captions Word Cloud

Reddit Comments

Captions

[Music] thank you hello guys welcome back to this channel in this video we are going to talk about authentication with client-side blazer using web API and asp.net core identity nowadays when you create a web application or a website security is very important so how do you protect the application from an authorized access how do you restrict how you provide registration and how do you provide login credentials as well now if I create application whereby you want user to log in anytime the person logs in do you want the person to be using his name and password all the time no when using visual studio or when using.net framework you can able to design an application whereby here you can provide a token and this token is going to be put into the headache any time a request is being made it goes in with the header and the header contains the token the token contains the details of your registration so the server can now access the token and respond back to the user it is possible in.net framework so that's what you're going to do in this video we're talking about authentication with client-side blazer using web API and asp.net core identity I have um I have made this already so that is what you see on the screen now I can just log in and log out this is a it's very simple so if you're planning to have a system or a protection mechanism against application a simple one of course then you can use or we can use this to do it let's see so first of all I have to register first but let's see with the source code I want to refresh and see if I have any account registered here let me delete that first so I'll delete this first van then I just go in there to register so I click on register now you see I have home I have fed data counter now you see this at the default apps or different default buttons when you create a new blazer webassembly application now I added these two but instead that's a register and login if I click on register it takes me to the registration page now if I click on login the same thing applies to it okay I have the button that can submit and log into the system the same thing applies to this to register now once I haven't registered let's right click and go to inspect or click on the F12 to go to development tools now if I come to the development section let's see with the Network click on the network resources now let's refresh this application so refresh it and get the whole items loaded now if I click on fetch data let's what happened here so fetch data now because I have the controller yes weather forecast it is returned a status code for 200 their verb type here it is fetch because that's the HTTP get we have the initiator and we have the size and the ETC now if I click on the controller here because I have a header preview response okay and cook it now let's see let's go to one after the other now there is the general information on top so the method is get the status code is 200. we need this already so you can now hide this the next one is the response header and if you see the content type is Json it is returning Json object from my 7 which is a castle server a default um Blazer web assembly or that is a visual studio ever in it and let's close that you have the smart server header already now when it comes to request header now you see we have Authority without authority over here because I can see it well and that is for let's see that's for the the localhost and the port the method here it is get we have the path that's the controller the scheme is https because I just secured once you can see from here https and now if you check the next one we have cookie so differently if it is a or if application doesn't have an authentication system we have a cookie that is it's registered for every web browser that gets connected to the application for the website now this one has its own cookie and that's a asu.net identity.application and that is a cookie over here so it starts from this side and it ends up to this okay so you see you want to check here we are not having any better token that is talking that the user logs in and it generates for the user to keep it now let's try to login and see what happens here so what you see you're not having any uh talking about there so let's register account first so I'm going to register with example at example.com the password that the password is going to be admin at one two three I'm gonna repeat the same thing over here admin at one two three now I'm gonna click on submit now after now you see it's been submitted and now if I click on account you can see I have the same thing that's the same cookie that is retaining in the header okay there is no talking about yet let's log in and we see that this is going to change that's what we did here the method is closed as indicator so you can read the header details here but what you want to actually Focus here it is a cookie so there is Cookie that is when we haven't logged in we have application cookie that gives us the access to the application and the stores and application for us in the header now let's login to admin at one two three let's not start login Watch What Happens here that's nice I login here now I am logged in so let me close this so guys we have hello I have my email here and I have logout okay now if I log out I have login and sign up now because as soon as I log in because I have this Also let's go again inspect and now let's click on fetch data now let's go to network now it is fetch data click on this let's go to the headline reader information over here so you see we have authorization and here we have better token now this there are here there is a token aside from the UI and ends at 4 h i now this is a cookie there okay so we have a new token here now this new token here that you as soon as you register it gets installed into the applications local storage how do you follow car storage not allowed to get here start from the is ey and the last one is 4-H I go to application and I'll go to um local storage and open that and click on the localhost storage so we see we have the start from the ey start from the ey and it ends at what 4 1 8 I so this token is being added to the header as soon as you log in anytime you want to communicate with the server it gets to the server it checks before it gets out the information that we need and that is what exactly what you want to do so we need how to provide username and password at a time this talking that you see contains the username password in the rule as well so that's what we have over here as a claim so how do you do this that is also going to have a look in this video so we're going to start a fresh from scratch so you can watch the whole video and it's going to help you when you want to secure your application by I'm adding the identity that is there authorization authentication mechanism in okay so I'll just close this and I just log out as you can see as soon as I click on logout let's click on inspect and now let's go to application again now you see a look after it I have nothing looking stored over here now if I click on the fetch data let's go to the network and now let's click on that let's see the headache we see the better token authorization it is off only cookie left so this time of the user is now logged out and it has to login again to get this access token okay so now when the user logs in there are some rules that you want to allow the method that you want to use that to apply or um perform there are some feature that you want to add as soon as the design logs in either as a user as administrator maybe this video aside from this video the next video I'm going to talk about that add-in claims or rule base to the authentication method by this time around you're talking about Json Authentication and the topic is what authentication with client side blades are using web API and asu.net core identity and remember that this is in the Blazer webassembly project so let's start going now the first thing that we need to do here is we have to create a new Laser Web assembly project so let's close this so I'll close this and click on file open or line to visual studio 2022 click on new now project so this project we're going to choose laser webassembly app we wait for the template to load then we go in for Blazer web assembly this is a Blazer server app you don't want you want the assembly app so click on that and I will click on next if you actually want to know the difference between Blazer web assembly app and a blazer server app you can check the playlist of this channel I have a video explaining what Blazer webassembly and the Blazer server app what does it do very simple so click on that and then next that's the ability of assembly now our project name is going to be demo so let's make that JWT demo so JWT demo now that's the location and the solution name click on nest and as I record this video the karen.net framework as I call this is 7.0 and that's exactly what we are going to be using so we click on configure for https you want to want application to be secured as well and we have the co-host there this gives us the access to the client web the API controller for as a server and a class Library as a project or ASL as Library as a tech project so we have shared project as a class Library we have a server doesn't API as the server and we have the web assembly as the client so click on Create and now let's wait what question is being created so we wait for it so it is ready now and as you can see from here we can close these tabs you can close them when you go to solution Explorer you have our project over here so there's a default one as I was talking about you have the client project you have a server that's the API and we have a class Library as a search Project now you can go ahead and run this application and see the default that it has so click on this to run that now we wait for it to run so now you can see it is building it after building then it's going to run to see the default app okay now I know we are starting from scratch so I want to I want everything to be open to you see the steps you can follow so you can get any any errors in yours so that's why we are starting from scratch okay so let's wait now it has been built and it is loading so this is the old one you can just now clear or close this old one so the current one that you have the port is seven zero nine seven two five zero if you have hello world now about nothing else again no register no login because you haven't added that is a new project now um fed data and counter everything is here right click and go to inspect element or click on the F12 key and when you go to the network tab click on the FED data the data controller click on that you see we have the cookie right here there's no bar token here so this is the default one that we see when you go to your application local storage now because we have to know assets took in the stored here so that's the default one because we just created this application and there's nothing in so we are about to configure or put everything together to make it beautiful as you saw in the displayed or the the one that I use for the explanation okay so once you have this application created what's the next thing to do the best thing to do is we have to install some naked packages and that is what you're going to use for this whole project okay so what are this package that we need to install let's see so first of all since you're going to connect a database we need an SQL we need anti-firmware core we need enter framework code.2 as well okay and we need the authentication.jwt that's a Json web token Vera that's authentication type and we need yes.net core identity since there's an identity that we are creating we need attention UI as well and we have to install the diagnostic.entiformal core we have almost about five yeah five or six and package that we need to install to make this happen so let's get going so go to the project and with this we are first going to work you see we have three sections in application client server and shed the server here the controller and that is a API so we are first going to work on the API first to come to the set then we go back to the client so all what you're doing now is based on the server take note so right click on dependencies in the server project and now let's go to manage nuget packages so these are going to install these packages onto the server okay so click on the browse tab and that is we're going to make a set so first we need authentication.jwt better so you can type in the WT bear that's that all right so let's see next we have microsoft.asu.net core authentication Dot JWT better that's what you want to install by Microsoft turn around 7 million downloads wow a lot so let's click on install the current Table version is 7.0.3 click on install let's install to the server project that is there API web API accepts the terms and conditions and you wait for the installation to be done when you are done next year is done when you click on the output we have success okay so finished now we have to install another one as well that's identity.ui so identity so identity dot UI now let's wait and see if we have any package as identity.ui so you can see microsoft.asu.net core identity.ui so click on this now install okay but let's install this as well 59.5 million downloads accepted by Microsoft as well output it is done we have to install diagnostic.nt framework core so let's install that and that is a diagnostic dot anti-firmware call not because I have done downloaded them already so I type the name here that's as soon as I start typing I get a pop-up so we're not having unless you type everything so a diagnostic dot entry framework call you're going to see the pop-up and that is what you want to use diagnostic dot entry framework call 70 million download by Microsoft 7.0.3 stable version click on install accept it if you don't have time to read everything here yes accept that and go away now we need to install SQL Server so I close this and type in SQL server so there is a database management software that enables us to create database so that is it Microsoft not the extension you want this one Microsoft anti-firmware code.spr server click on installs 7.0.3 accessible version and when you go to the output it is your style packages so you can see let's accept that and we are done now the last one that we need to install is two so type in tools so with this tool that is a Microsoft that entry framework core.tools click on install and let's install that accept it so you wait for it to get installed then we can proceed all right so everything is okay now if you if you're not believing that you have all these packages installed you can now do it manually check how do we check it out solution Explorer now on the same server project dependencies right click or that you click on this drop down now if you see expand that and go to expand the packages now you can see we have all these packages here DWT better um server we have diagnostic identity UI framework core.sql server and we have the tools so we get them right we are here and we can now move on with a project okay now once you're done the first thing that or is it the first thing the next thing that we have to do here is to create or set up our connection string how do you set a connection string so let's do that and in a connection string we can set it up in the app settings.json file so click on the up settings now take note that we are working on the server project so not the clients several insteps so after the Json file now click on this and we want to pass in here so you want to pass in connection strings and this connection string you have to give it a name as what so that's the default default connection now this default connection are server is equal to that's a looker then you can close this database name is equal to JWT demo okay then let's see trusted connection trusted connection let's set this to true and Trust server certificates let's set this to true now it means we are going to create a database known as JWT demo currently we are not having the database yet now when you create a database you want to track the connection you want to also try the certificate so anytime that you want to make access to database you want to have access database it becomes possible for us no hand runs okay let's save this now take note make sure you bring this comma here let's save that so that's exactly what we are doing here now in the app settings I also have the script now you see we can also pass in Sarah look at DB you can pass and slash my ssql local DB okay database name or here we can also use initial catalog and this is a Transit connection multiple active results set through and we can also use a trust server certificate to True okay now the next thing that once you have a database lesson set already there's nothing to do here is we have to create our application DB contest now this application DB content is what we use to generate a table our identity table for us in application database or that the SQL database so let's do that we first have to create a folder here and name it as data you want to organize our work okay so let's set it here as a new folder the name is going to be data and now let's create a class in now at this class the name that we're going to set this class to is application DB contest so I just have to copy this and let's go to application right click and let's add a class to it so add then we go for class the name is application DB contestdb is database contest so we have that and this watch we have to do I just have to grab this and let me just grab this and paste it right there okay so now well there's not GWT login online there's going to be a JWT this jwc demo okay so yeah Contour plus period and now let's see what happens Control Plus period now we have a loading suggestions we wait so we can actually add what they need to use now you can see we have install package Microsoft um the identity core framework so we have to install this as well and let's see if we can actually install this let's have all right so we wait once we get that installed now we see it has finished the installation and let's see if this error is going to be cleared off yeah it is gone so it means you have to install that package as well and that's the name of the package dependencies and let's expand that let's see the name that is empty framework call we have it over here so we obviously.net core component web assembly server um you have Diagnostic and you have what microsoft.nt that's a call.identity.ng framework so that's what we just installed okay so that is where identity DB contest is coming from so we have that installed as well so as you can see from here we create a Constructor out of this we pass in this DB contest option then that's the name of the class that we created application DB contest then options then going to inherit from this base options so we are done with this not really not to provide any table here this has everything in it and as soon as you run our migration it's going to create a database table for us the database name we specify the database name as JWT demo so the tables for identity of authorization is going to come from this identity BB contest take note all right now we have this done the next thing that we can actually do here is we can now go to our program.cs file and register our connections right there so how do you do it let's save all the solutions program now in a server project we have to locate program.cs file so click on that and we have to set up this over here okay so in here that is what we are going to do we have good other services dot add result pages so we can add these services by calling the Builder that Services then we pass in the server that you want to add so what are the services that you want to add you can just grab them from here um I have program.cs file now let's add these Services first and the first one that we have to add here you have to add a database connection service and that is this as I'm going to copy this and I'll just have to place it here so today is builder.services.rdb contest so that's a class that we created the application DB contest you pass an option then you're going to use the SQL Server that we just installed as a [ __ ] package then we are getting a connection string names that will be default connection relocate to app settings that is the name over here default connection so you can just copy these and I'll go in there and I'll paste it again to see if we are right okay so that's what we have to add first now the next thing that you have to add is we have to add our default identity okay so edit for identity that's what we have to add here I'm going to copy this and complete this and let's go in there and paste over there so down here we have to let me give a space so it won't just okay so we are adding these are also services that we're adding and that's the default identity and this identity user I remember this identity user is coming from data and identity divided we just added remember that we added this another application DB contest that's identity DB contest okay so we can grab identity user in that so that's identity user that we are added over here and we added that framework store and we pass in this contest class when my desk and desktop container can I send and it is that is what's going to create a database for us okay and this contest class also inheritance from application that's identity DB contest take note so we have that okay so we have this set and the lesson that we can actually do is also quite simple let's see so we can have to set up the identity database so by creating database so now we have these two Services being registered connection and identity user let's perform migration to create database table so go to views and I can see we have solution or SQL Server object Explorer I have my over here click on that and click on this refresh button over there so if I expand my database okay my server database because I'm not having JWT demo I have ewtdb I'm not having a demo take note that the app settings will specify JWT demo we're not having any database name and demo after perform migration we're going to see that table and the various tables database and the various tables that can be created by this identity DB contest so let's see let's click on tools and now click on magnet package manager and then click on package manager console or package managed console now in here you see Server is being selected that's what we want you can click on this job done to choose the client the set by this time around we need a server so we can clear this screen off so CLS you can clear this off okay so that's what you're going to do so add Dash migration and the name that you're gonna name is is initial because that's the starting one you can change the name to anyone that you want even your name you can put it over there and this is going to generate a folder and migration files in that folder where do you want to keep this folder and all this file you want to keep them in the data field remember that we created a folder here known as data and that is what everything concerning can I send supposed to be so that's the data so you want it to be here so we can specify that as Dash o so that's an output and let's pass this data folder slash then the name is what migrations so we specify them the folder name that you want to get so oh another data slash migrations click on the enter key and let's we're gonna happen so we're going to build application first after building is going to just run the query that is a migration and when it is done we are going to update the database to see the table database name and the table so you can see it is done now if you check the migration file we have the name as es.net rules let's build next user so you can see all these table names create table create table table name the next one let's see create table name create table name created we could see all these tables where are they coming from you're coming from the identity DB contest okay so that's what that's where you're coming from because we didn't specify any database here or table name here we just specify the database name as JWT demo but we didn't specify any table by since we are inheriting from this identity DB contest we can now get the various tables in our migration file okay so kindly when you go to server um object when you refresh this we are not going to see database yet because it is not there unless we update the database to see the JWT demo now let's update that to the same thing and let's see to update Dash database click on the enter key and let's go happy so we see it building started and we want to create that when you click on solution Explorer the data folder you could see we have either for the name as migration when you open it that's where you have everything in okay so you have it here okay so you can see it is done now it is writing some queries for us and this uh this is done by the anti-framer core all these queries has been written and run by the entry frame of core that's very good so we need not to type everything else ourselves so now once you're done let's go back again refresh open the server database let's see uwt then we'll have it right here so click on this expand now expand tables and we see we have all this table but the one that we are interested in most is the asu.net user that is what we are working on today so click on view data now let's see what happens here so we see we have ID username normalized username email and Etc analyze email a lot okay we're going to fill all this what you're going to feel here is the password has security stamp email um username normalize name and ID these are the things that we need for email confirmation you can actually add that in there and as far as you start build the project you want to confirm my email and Etc I have to run a check if it was too fantas is getting enabled and all these types of that you want you can actually do more with the help of this table and that is good out of the identity DB contest okay this table name provided by default as soon as you heard from the identity DB contest you get everything here rightfully as you can see okay so we have database created we have a table names as well now our table is empty so what is the right now what is the next thing to do so we can actually now enable Authentication and now with the edible authentication we can also register what the services so the next step is to enable authentication in the API and this how do you enable or how do you register the service so let's see we go back to our program.ts file now in here down here okay let's go to application now this is what you want to do so you can now grab this and paste it here okay so this is what we just added build that Services there's also registering so we're registering service bernard.services.ad Authentication so we are adult education and we are adding DWT better default dot authentication scheme remember that there is a mechanism that are going to use other authentication type now with the add JWT better we pass in this options so let's see what we can actually do here so we add the GWT better and we pass an option so options are talking validation parameters you create new out of it we set this at the parameters so by date issuer through the audience is true now this issuer it is the one that is our server that is because it's going to work within the server and a clients remember that in a service network you see we have seven a client so by date issue who is issuing the the code always issuing the authorization or the dedication that is a server so we want to write in this the issuer an avoided audience the audience is a plans anyone who is coming in the invited lifetime so if you want maybe in a token we can decide to set it expiration date yes you want to write data because maybe if you want we don't want to accept a spa token so you have to validate that time being added and taken as well and avoided if you're assigning key through and where do we get this issue in the audience we get them from this builder.configuration um then we pass this JWT issuer so with this we haven't set them yet we're about to set them and now if you are signing key so we get it from JWT security key so all these that's not you here build that configuration it means you can grab them from the app settings.json here now yeah do we have any key here do you have any JWT if you are audience and security key no we don't so let's go in there and set them up let's get them so the next thing that we have to do here is we have to provide those keys and after 10.json these are the keys that you want to add we grab this one let's go in there and now here you can paste this so make sure the last one has comma now this uwt security key now this any random key that you want to pass in but I know they should be equal to or more than 16 characters now there is more than 16. if you think I'm lying just count yourself and see so it must be more than 16 or equal treatment but not less than no I'm not going to work on that so use more than 16 characters here and the the issuer is a local host and the audience is a local host now JWT expired in this how many days I want to add one day so 24 hours a token is supposed to be expired meaning you can use a token in the header to access content in the application you have to register again you have to login again with your credentials so you can also generate another token for you okay let's save that now we are done with our token or a keys the next thing that we have to do here is we have to enable authentication by adding the middleware pipeline so what are the middleware pipeline if you go to program.ts file middleware uh what you can see as app.use after all these are middleware path lines so we are going to configure that and what I'm going to do we have to use app dot used authentication then we can use the authorization as well so our program.cs file now take note that authentication comes first before authorization so apply the right here take note authentication first before authorization if not it's going to attack the user before the skating and that is very bad because you can give the person access then you decide to check if I do qualify to have this access it doesn't make sense right so you have to check first you qualify to have this access yes then what assets can I give it to you that's a authorization you'll assess the person and after that very simple and clear let's save this so once you've added a middleware pipeline then we can now go ahead and create our controller now this Contour is what we're going to use to register as a account controller okay so account controller now this account controller let's go in there to our server now in our controllers we're going to add new controller and that's going to be an account so let's see so we are done with the app settings you can now close that off right now the FDB contest and you can also want to close that up as well okay so now um with our account controller we can grab this account controller then you can go to application right click on the controllers folder and you have to add new controller and the name gonna be an account so we have to go in for API API controller as empty and then here let's build accounts controller click on that we have this controller added okay what are the things what are the methods that we need to use in there we can get all this method here so first of all let's create a Constructor and I'm passing the identity user as user manager so in here to create Constructor click on this Control Plus period or dot you can now generate Constructor over here but since I have my I'm going to paste it over here direct so we have account controller we create a Constructor we pass in user manager as an identity user then we give an object name or that's the instance as user manager we initiate this inside a Constructor so when it is ready to be used anywhere anytime nothing to do if you don't want to create an account which method candies are passed on to create an account that is this method pushed so this the method name is what post okay so this is post and now it is coming in from register model okay so this one these are going to pass on to create an account the method name is post from the body and here it it's coming in with this model register model and we create object out of it now with this model it's going to come in as soon as it gets here we create a new user out of the identity user we set the username from this identity user to the model that is coming in is email reset identity email to the model that is coming in email the person's coming in email okay so let's assume this model represents the entity the human being registering our site the hymn is going to provide two methods or two values or Keys the first one is an email and maybe password okay name but in identity user you want to create a variable for this and this identity user has username and email so we assign the person's email as username so we can display hello then your email over there as a design name then your email is going to set as an email over here when we are done we create a this is available as what result then we are going to create a user manager we're passing this new user that is coming in because you have your email and a username I mean add your password as well so this model is also coming with a password to recreate now when we are done account or the user is now created now we check if it is not succeeded we can return errors so we create an object out of errors then we set this Arrow to what is coming in we return a register results this is also a model that you're going to create now this results contain two attributes successful as a Boolean which is false that is if the results couldn't succeed because there was an error we return force that is successful equal to force and we can now pass in this error here okay so you can pass in what is the problem you can find device to display to the user but in case everything works you're going to return new restart results success is equal to True okay and here we can talk passing message as maybe user registered you can pass it on the error side so this error we can pass it because you know this register result comes in with errors and this Boolean two method or two properties here so you can set up this error but the reason why I am skipping this case as soon as there is a finished creating the account and it works successfully I want to navigate the user to the login so I'm not going to display any message the user maybe you can use toast or you can use any other sweet alert display that okay but here I'm going to use that sweet alert I'm going to use any JavaScript as well so we're going to read that a person to the user so that's why we are not using this error here the success is through and maybe we can pass error as na let's click that off so we have this now once you have a controller that's going to register the user what is the other thing to do next so we can go ahead and create a register model so this Razer model is going to carry in with email and password and also going to come in with confirm password because you know email and password right let me confirm password so we can copy this register model let's go to a solution Explorer now this is going to come in the shared project so right click on the set project and click on ADD class let's paste it as register model.cs and now this register model I have it right here that I'm going to use register model where is that let's say we have login results and let's do half register model in here all right register model and that's what you want to pass in so I'm going to copy this method or since I have this already I can just grab only the code so let's copy this let's put this here now this antenna you don't want that you want to access this outside this cup so it's insert it or we change it to public it is open to the public so everyone can have access to this why did I why did we add this model in the set project said project means anything that is passed here can be shared through the server and the plan now this register model the clients are going to use that so that's why we price over here but if it's limited to the server you could have added it to the server by saying this the servers are going to use what the clients are going to use you can pass it the set that's what we did okay now you can specify or we can simplify the let's copy this or let's cut this let's paste it here let's bring comma okay so you can join them together and even with this we can still join this as we can pass this in one life so you don't want to get yourself confused so display them the first one is required there is email the screen name is what email so let's close this and this is simple and we are done isn't it now you can still copy this as required and this is a string length you can place this year okay then this is a display name you can cut this you want to display all in one property okay then there's a display type as password and now the name is going to be okay so we have one over there so we can set it in this way less like this okay so this also required user can skip this now you have a display name as password and at the type here it is password so anytime that is a pass in the password it's going to mask it into star star okay you see that thing yeah and this is the error message so the number that you must maximum character and this year it is a string and this is a placeholder so it means the number you guys are going to type first might be at least two and the maximum is supposed to be what one so we have zero here so then the the number must be at least okay so watch here because you have the minimum here minimum is what six so the the what is that type that is zero one must be at least minimum of two and the maximum is one there's a hundred so what is that going to pass is the first one they're going to capture that minimum is six that's the two here one is the maximum of a specified here and this against the password now confirm password data type also is the same as what password and now this is a display name as confirm password so you can cut this and you can paste this here so and let's also compare so we are comparing because you know compare Parts with the confirm password these two password must match isn't it so you can now take this off and you can bring this to the next line so yeah so we have base and everything is working now okay so this is our model now let's go back to account controller and our control plus period let's use set project now it is that we've solved that each now you see this model this it is coming in let's if you right click here you can go to Peak definition now you can see that this is coming you to an email password now if you go to the application here if you have email and password so we have this and the next one is the registration results so that is after being registered um when you have error or not what is the output so we have to pass the wire so we have to create this awesome model so copy this let's go to our solution Explorer Now set project let's add another one as last then results registration or register results and now in here we can register result do we have it yeah I think it's over here so we need only this to add properties now the first one here is is Boolean so it is going to state if it is Success that is true or false and the first one is the next one is I and the number one string or a list of strings and that's them as an error we save this and so when you have any error you can pass into the error side and if it is not successful that is Boolean so it could be true it could be false Force means it is not successful through means everything is intact so we can also Control Plus period you can also add that as well so we have this we are done okay now the next thing is can we take this um controller yes we can so before we do that we have to Let's install a project as a package known as the swasbacker now size backer is going to help us to navigate or use the Swagger UI and as an interface made for an API okay so let's install that thread so right click on solution Explorer now on our server project let's expand that dependencies right click imagine you get packages and now browse up we need Swatch backer so swash backup and that's advancedbacker.asp.net core let's insert a can version is 6.5.0 accept it you don't have time to read and output it is done so we see it is finished and what can we do let's add let's configure that so we're going to configure that we're going to add the services and also configure the middleware pipeline to program the Cs file and now in here we're going to use on top here so we have to specify Builder dot services dot add and I'm going to be swangagen is it is it generator yeah okay so that's the adding the services now let's configure the pipeline that's the middleware so in here app.use app.use Swagger and oh yeah and also the next one is app.use Swagger UI so Swagger UI so that's the design interface now let's save this so once you are done with this now you see we have a controller set already so we can now build application so click on base but let's see this application being built okay so you can see this building here for us but to speed things up let's click on this let's navigate to our page here now I'm just going to return it's going to refresh itself and you're going to see you're going to see the same thing as well okay because you haven't touched the command side we're actually working on the controller that is the API so if you see nothing happens here the same thing but if you copy this last couple of days open the next interface face this and now add Swagger so Swagger and I click on the enter now you see it is going to locate it so I got UI that's what we installed but as you can see from here you can see we have API account so we can raise an account here so let's click on before we do that let's see let's open this SQL I do have yeah so that's an asc.net user from like from the database table manually first you can see we have nothing no information here right let's see so try this out now let's use user as example.com now the password Here is let's see admin at one two three and now let's make mistake and see so admin at one two three four now let's click on execute and see what's going to happen now you see the password and the confirm password do not match that's exactly what we stated in the register model that data type now let's see again if we pass in if you decide not to use okay so let's say we decided to take off this one two three so admin at admin at it might be six but this is what this is yeah this is six isn't it so three three let's take off the admin admin and then let's see what happens so execute it now let's see so the password must be at least six and the maximum is 100 okay so um we have to it has to be six so you can now add them one two three all right so one two three and now let's click on execute let's see the response that we're gonna have so do you have any response the password might be at least six um that as you can see from your admin at one two three I'm not one two three good so you can see the response is what is successful so Eros is nah now let's go to our controller now in our let's go to translation Explorer now in the database table that's the asu.net core users if you don't know how to get it click on SQL Server object Explorer expand this right click and click on view data so let's refresh this and now we have to see the data that we just registered as well it's over here actually we have an ID user ID we have the username that we specified and that's a normalize username what is the username we have the email normalized email not the normalized one is set them into upper cases so as you can see from here you have a security stamp that is a stamp here and there's a password so password hash you have over here now you see we have email confirm Force so if you want to add a mechanism you can do that and you can send this email confirm you through okay and we have a lot of value unlocked and locked out enabled logged out and phone number and Etc okay so let's focus on this so you see our API is now working that's the registration now the lesson is talking about is a login so we have to create the login so after registering that to application we can now login so once we log in then we create the token okay and set it up to the local state or the persons or the client browser so let's see let's go in there to our solution Explorer and now the name that you want to use here it is called login controller so in here I have the login controller here already so I'm going to copy this login controller and in here to the controllers for the another server right click on this and I add new controller so in order to confuse you that is what I'm creating a controller for each method okay if not I would have added the login and eraser and the same control line that is a One controller but I'm just pressing them you can do it you can do so be flexible in your code or in your design in your programming you can do it anyhow you want it to be to make sure that it is in order and for that well so you need to that is not cancel we are adding controller so that's an API yeah mt1 add now I'm going to paste as a login controller click on ADD and we have that and you know in these two we have to generate Constructor so control period so click on generate construct over here so if you have a Constructor generated but I'm going to take this out because I have one in there already so less and we have to inject these services so we have to inject High configuration now this configuration it is coming from the app settings.json remember that app settings.json file that is where we can get the eye configuration from this so you can have access to the data here by having the high configuration and now we need to use identity user remember that this I need to use a as a signing manager here remember that here in the registration that I can controller we created an object out of this that identity user so this user manager has everything that V1 because it's not the user registered it gets into that so we can grab data from this user manager and this design manager is inheriting it is coming in from there is a user manager from Identity user so we need the same to inject the same thing into the login and controller so we can have access to the stored details on the stored data I believe this is clear yeah it is clear so that's what we known as we call it as a sign in manager and it is from the ability user okay so we initiate them over here and this we can't we can just pass this on one line okay yeah you can do it like this and I initiate them so once you're done you we have to now check so the first one yeah that is the post so when the user passes on his data we check the login this the user that is coming in so this is going to hold the user's data now let's log in we check so we stored the data from here now check so sign in manager.password sign in async so we check that the password coming in is equal to one half there corresponding to this email now if it is not we're going to return a bad request okay then we need to create a model that's the login result as we did for the username now as we did for the registration now this is our result so coming in with success code and an error as well so maybe you want to know you can actually do here to be generic case instead of as defining the class as register request you can just make it as maybe a response so that response is going to hold this status that and the Boolean and also this error message so we can pass in both the login and the registration but don't worry today's video it is not to confuse you not to make things complex but that's simple so let's create separate uh models for that so this was somebody going to handle success and error that is when it is not if it is not then we're going to return claims that's the empty claim because these are data doesn't sync with what we have there so we don't know the user we don't have the account of that person if not so as you can see from here we're gonna return [Applause] if it is succeeded this is not success you're going to return empty one but if you see that that's all you have to do so if it's acid then then we're going to store the claims from that so claim type dot name then the email so this claim type the name that you want is the person's email remember that another account will set the name as what is email so as soon as you call the name it means I call the person's email and that's what you're able to display hello then the emails have the name the actual name of the person hello then passing the email so in our case the email presents the name I will display okay so aside from that we store a Cuba here we get the security key remember this coming in from the accessing.json datability security key and we also create a rubber as a credentials then the key that you have here we convert it into that's an hmac Sha as 256. so we converted to what he has a credential then we set the expiry so the spine here we are adding this we can actually add seconds take notes so let's count this now you can see that add you can add seconds because we have a lot milliseconds minute months and yeah okay but in this case we're adding just a day so you want one day so um JWT expire in date or in days when you go to our acceptance we specify here as one so it means within 24 hours the token must expire we generate the talking out of this once we have all these properties or all these um Keys we can now put them together and generate our token so we did a token binding the issuer the audience then the claim that we have over here the expiry date and the credential so we store that after generating our token restore it onto this token whilst we are done we're going to return okay so successful is working through because it is now created token is now created and now we call we write you this so right token inside this method we have a variable known as token so we store the current token that we have created onto that variable then return that login result okay so once you have that the next thing that you can actually do here is we need to create that login model so let's see login model do I have it here login and the model right here that's it okay so I think it's around this area login model so this is what we need only email password and remember this remember me is that you don't actually need this for now so you can take off this okay you need email and password so let's copy this login model and now let's create in the set project so right click and now add class and on this class will be login model.cs so let's go in there and then grab what we have here let's set this to public then we can now paste this so this is required it means user can pass in empty you must pass in value yeah okay and even with the email you can still add an email address to specify so so let's do it again so email address and I with a password when coming in we can specify the data data type so let's go to the register model and now we can specify this data type towards that it's password so let's copy this in here and login model you can paste this here so let's play this off okay so now we are done with this now let's save this login controller click on Control Plus period let's use system.set project and this login result so let's also create a login result and in here login results copy this now in set project right click and now let's add the class and the name is going to be login results this login result we need these three properties now here public as you know let's paste this in nowadays determine the state of the process is this success is this not successful so true or false we have that there's an error in case we have any area can pass in case you have any message you can pass into the error this token is going to handle the token generated when the person locks in simple save that controller login as a log controller we have that so we have solved that issue right here and let's see so let's save that and let's also test it and see what we have in application if the login is actually going to work so here let's wait for us it gets refreshed now remember that we have the account here and the name that we stored was we have the email already let's refresh this in here so let's switch ones it gets refreshed so we can try and login and see if you're going to have the token uh we're going to have the token generated meaning our API is now working then we move on to the client session to have access to to create service so you can render to the API to log in try this out now you have the email here already and remember that the password is what admin at one two three execute that's what we have all right so everything is intact now as you can see from here successful we put it through error is now now check it that's the token so this is okay that we are getting so e y d h b g c that's a lot SK that's the last one so there's a token okay so this token is going to be added to the header so it can be stored onto the client's header request as soon as a request is being made it comes in with this token then we check that it correspond with the user credential if yes we allow the person to access any data that the price is allowed to authorized to access that is very clear and simple so once you have the API done so this means that our server projects we are done we are now moving on to the client one okay so because we have a registration and login system working perfectly so let's go to our client component so we can now close our server so let's close our server and close that said and open our client now the very first thing that we need to do here is we have to set our apps.reza components you guys here it's going to the authentication is going to depend on this to render to check is it going to be allowed or do you have any Authentication so the very first place is starting from this because that's where the routing and everything is coming in from so the very first thing is you have to tackle this how do you do it now I have rate over here we have to make change in that and we move forward so that's going to be the app.reza so this app.reza you can now grab what we have here let's go in there and now instead of this you can now comment this then let's paste this here okay so let's see what we have now so Control Plus period now let's use everything we have right and this cascading Control Plus period okay so generate component from tag so we have the closing the opening all right so this let's see so not found you have that and we pass in the cascading open and close at the layout all right so let's save this now let's refresh application and see what we're gonna have now so there's a question and let's wait for this to get refreshed and see what we have all right so we're seeing from here everything is off because we have set the cascading authentication state so it means you might be authenticated before you can view this but have you authenticated now no so you have blank right click and go to inspect element now when you go to console nothing here okay now um Network refresh this application as you can see from here it is working perfectly but if you see that from here we are locked we have to we have to be authenticated or authorized people can have access to this site and that is what this guy cascading Authentication state is doing this okay so once you have this set the next thing that we can actually talk about here we can move my head we can configure or create a custom authentication State provider I know we have a default um authentication State provider so we're going to create our own a customized one we're going to inherit from that authentication State provider because this authentication State provider contents and method that we're going to use them in a customized one so it is better we heard from that so let's get going and now with this we are going to create a folder in this we don't create a service okay let's create a folder in account that's a client project and we name it as helpers so let's make it as helpers it's a helper we were just one to help her not the helper here now in this helper let's create one and release limit as API authentication State provider so let's copy this and in here right click this and and new class so with an API authentication State provider and that's a class click on ADD so we have this class and now in this class what we're going to do here is first of all it's going to inherit from this authentication State provider so I'm going to copy this okay and now aside from that we have to initialize submitted over there so let's create a Constructor and initialize and Method so this is a Constructor that we are creating authentication State provider so we can now get going and close this off because indicated all right so as you can see from here we are now using the local storage service but do you have actually a little car storage service here no we don't so this means that we have to install this I look at storage service so let's install that so we can click on this Control Plus period and let's install we have um no okay so let's see we have blizzard let's go to solution Explorer now in our client project dependencies right click and go to manage to get packages now under browse tab you need to install blizzard local storage so that's it whoa all right so bracelet local storage and that's what you want to use by crescenti so click on this and now install all right so we are done output you can see it is finished so let's go to authentication State provider Control Plus period now let's inject using Blazer local storage so we have it set here and now we initialize them over here with the HTTP client as well so you can see we have the Constructor we inject them then we initialize them here okay now the next thing that we can do here is we have to have the method that's going to get us an authentication State service so let's see now if we click on to control plus period let's see what we have so it is same we should install this over here as well okay so let's try to install this so Control Plus period Control Plus period now install component dot authorization let's install that three weeks all right so it is done is it let's switch for our Y and C whoa it means we have problem over here um could not found so all right so you see it is done now okay so let's see whenever I click on this other engines did provide that and then go to definition you can see we have a method in there that is known as get authentication State provider and you see right away get authentication state async so we are going to override this method and specify what you want using this authentication state so in here the next line best place what we have in so we create our technician States that's a method that we just solve right there now we are going to get a token set up from this okay so we are getting the cast right now we see as soon as you log in we have to set this as an item isn't so we have to set the token that we have generated for the client you have to set it or store it into the local storage now when it is getting authentication State async it's going to grab that token that's going to check does it correspond to what it has if yes it means it is correct then you can now set it as in the barrel token and put it or pass it onto the um header request so when a quest is being made you're going to see this token I said that as we saw earlier on so the type the auth authentication type Here is known as the bearer and you're passing the token being gotten from the local storage as I speak we haven't installed the local storage token we do that when we create the save it so here we get it from the local storage we check if it is now or empty we're gonna return new as Anonymous it means you don't know the person we don't have any information about that person if not then you're going to set it to the header the type is better I'm going to add a token as well then we're gonna return the application State then cleanse principle and identity then we're going to check the the string you could say wait the token that is coming in if you check our own let's see now the one that is coming in here has let me set it again so admin at one two three now if you see the tokida is coming in has three sections okay so what's here this is the first one it goes up to this this second one from this dot up to the last one I have you see we have three sessions here so we're just going to check this three sessions and then grab the claims and any other method in it that can enable the user to authenticated authorize so this method you have to create this method that's a past claims from JWT the type is DWT the odd type is what Bearer that is the token that we have gotten from the look afterwards of the client browser now the local as to the name of that street name is odd token that dot addition or authentication token let's add this method so we can add that method over here but before that before we add that method we have to also check now this Mac User as authenticated so it is authenticated if yes then run installed authenticated user with a claims principle then we call for a new identity you send it to the name add to the email so the name the claims type dot name you're going to use the person's email so that's what you can actually use to welcome the person welcome hello then pass in the name as identity dot name and now when you call in identity.name here you're going to have the email in place of the name because we are storing what the email as name now we get our authentication state tax from results okay from this orientated user that's what we start over here then we notified of navigation State change so this is going to update the whole application or the section either the person is being authenticated or not or logged out so this is going to update that's an event that's going to erase and update the form as well okay so once you have that let's see the next thing that we can do monk user as log out so that is it when the user logs out click on the logout button what do you want to do you don't want to leave the check here so we when we log out first of all we set it as Anonymous claims identity we set it to now so since we get a clear identity as empty we're gonna have a synonymous so we don't know you we pass this Anonymous so it means anyone authenticated you're going to see the name the email nothing notify the application that you are gone you are out now when you are out this is what you can actually use to specify let me copy this well before I made any mistake in it okay so let me complete this I mean yeah okay so now the next thing that we're doing here is now with this here is that's your pass claim from GWT now this past claim here um it's gonna split the token as indicated on with the dot pick the first one here then check the payload try to get the claims out of it the rows okay so we're gonna get the rows out of this if race is equal to now then it's going to start this one but if you're not going to now they're going to add the rule to the claims then we have the rule or that being removed over here and you can see it is adding a range to the claim that we just we've just gotten from let me take this off from this okay from the rules that it is um getting this from okay so now um aside from that it is getting uh passed basically forward that pattern and it is second the equal sign now all tokens either they have two equal signs or one equal sign so this method is second up to see which one corresponds with so when you check this application you can leave this token doesn't have one or two so when you create a new one you must have one either one equal sign or two equal sign and if in case it has one then it's going to add these two equal signs in case this one is modulo four isn't it then I'm gonna add one so either two or one okay so this method is actually going to work in that way to get the everything intact for us to have application work so this method is actually was done by actually for watching the name actually but um one guy good guy did that and it's very useful as well okay so this to pass claims from GWT is at the level where I can just grab it on the internet and paste them here okay so um we have that done and that is it for the authentication State provider now the next thing that we can actually do here after creating a custom authorization State provider is we have to now create our service now this service what we're going to use to render to the client Okay so yeah so I think I've remembered the the one with this so from this past glance when DWT and this pass this before with that pattern um it's a borrowed one a bird method from Steve Sanderson so he came out with this so actually he is the only one who can vividly explain this to you okay so what we know here is it checks and get out rules and claims or claims from um it took in and that means what you can use to be authorized or be authenticated to the application that's all that we can actually say but maybe if you actually want to know what actually does line my line then Steve Sanderson to naturally help you a lot to understand because he did it and he knows better than what we know okay so once you have this done now our next thing that we can actually do here is we have to create our services and that's what we're going to use to render to the user so this let's create a folder in this client project and that's going to be the last one to do so and and I need for that and we name it at services since it is only one you can name it at service now with this service let's create an interface implementation so a new item and the name of this let's see what we're going to do to this so you can say it is I save it another eye or service that's an interview make sure you select an interface click on ADD and now it is interface you want to have this method these three simple methods in it so tax is a register now remember that we created this register results we use that in the controller and we see we're using it over here as well so that's why we put them in the set project login result register model and login model and we have logout let's create implementation for this you can just copy this hot service only copied this and let's go to service right click add new class and now the odd service click on ADD now this hot service this is what we need to do first let's create a Constructor and inject a HTTP client and other methods so we just had to inherit from so I at service okay now let's get that Constructor here and inject this so we are injecting the authentication State provider and the local storage and also they need to be planned we initialize them over here okay so the next thing that we can actually do here is let's see now that's a register so when these are costing for register we are going to use the post as this in the sink you pass the API the name of the registration controller is called account you pass in this register model if resource is not succeeded we return successful to force and error okay but if it is successful then we can just access voice because it's true and I can't create it successfully that's very simple now the next thing that we want to do here is when the user tries to log in so when the digital trans login what should happen and that's what we have with over here so the next method now when this kind of login model is coming in it's going to return login results then first visualize it we convert it to Json after actualizing we send it order the processing to the login mode controller then we specify the type sense that it is it are serialized AS application slash or Json then the next thing that we do again here is let me bring this here the next line now we create a variable as login result and we visualize the results over here and read the content from what is coming in so this and we set it a case in service to true if response is not supposed to start that the success status code retain results login results okay so if it's not successfully done my case it is done we have written currently done and the user is found in the user manager token that's the token that it is coming in okay so here we are setting and in the hot automation provider we get it over there so he is going to satisfied before we can get to right there first as well once we are done then we return the Escape provider with the user name over here that is an email as a name then we pass it as a header until request the time is going to be a better and reset the token over there we return the login result remember that the login resource is coming in with what success code error and token so as soon as you passing login result.token we are having the token that we issued when we logged in first okay now we are almost done the last part that we need to talk about here is by creating our components okay so let's create a component and I'll compare that you want to create yeah you want to create login that's razor you need razer.razer and log out of Razor so these are the components that we want to create so this is a login and let's copy this let's create a component over there so in a previous rank click on pages and and raise our components the name is going to be login so login dot Razer now let's copy this and actually this code I'll leave it because this is just a form a design form okay so I'll leave this code I can actually have access to this code so here that is a route and we need to inject this Control Plus period let's inject this eye or service so we have it over here and I've injected the navigation manager as well now we have edit form see this requesting us to use and it's okay so now you see we have edit form here okay now this edit form we have like this in annotations radiation summary we have email address that is a login so let's control period so let's use that that's a shared project and now we create an object out of this login model now this lucky model contains email and password we specify that here then when this login model when this button is clicked you see this button is submit now you see on Valley submit you want to handle login so under this method you handle login will show error go to false no error now restart the result we await.service.login passing this login model okay now when it's done when result is not successful then we want to navigate this person to the home else we display the error and we should error to true simple as that okay now let's try to save this let's navigate to our page and see what we have now so let's try to access login so there's nothing found here plugin so nothing found let's see again all right so that's what you can do we're gonna now copy this and cut this let's close this now let's delete this and we create it again maybe we can now so login yeah delete it unless we create it again and see so add razor components and that is login.uaza Ctrl let's paste them yeah let's see if we have saved this okay so let's save this and let's see okay so we have the same as well indicated so after seven days let's understand see okay so we have Arrow we're from this error that is error also it doesn't Implement interface let's log out okay so let's see all right so we have front method left like the log out so when the result logs out what should happen let's finish that quick hot service when the user tries to log out then you want to set the local storage value to one to now so as you can see from here look we want to remove the item name as Auto clean the local storage then there we the user the the default request header instead of setting it to the Token over here here we set it to now because we want to remove that token from the request Center because the user is now locked out okay so let's save that and an application and see what we have now okay so now we have this we need you also create a registration as well so let's see if we can create a registration component let's see so you have login all right so let's check here last couple of days and let's see with the app.reza let's play this here that's for the update Razer so you want to check with the cascadians and casing state and we can use this method to check the identity and if it is cascaded if it is authenticated or not so let's see right here that's the method that we call over here we check so we are going to write this the console that is to go out okay to check so it is indicated if it is not is not in created that is a simple method that we are just using to do and as you Cascade in parameter okay so we save that now if we decide to refresh this now you have an error here now with this I'll right click and go to inspect elements now it is inspect element let's see what we have console okay and I can see they are saying that there is no registered service for the type yeah we understand that we haven't registered the type yet we are we doing that so the next thing that we can do here is let's create a register so we have a login over here and now with a register two and we have the right there yes let's register this so let's create that so right click on the pages add new Razer component and the name here is register dot Razer and this horizontal Theresa let's copy this and you can now paste them here so with the same thing that you're also doing so let's Control Plus period let's inject this as well that is I save it now we have all these and you have these arrows here control class period now what they are here we have to specify from the plus periodless include this set project and now we see this working so it's done okay so with the login a length here okay so login to it is done now all right so no error here now the last thing that we have to also do so with the register we just have to call the sometimes we did for the login we call this result and register we just change this method as register that's very simple and we create an object out of this register model we set with register model dot password and confirm password and email we have this when it is my submit handle registration data validation here to handle the errors example I start okay now let's see what we can actually do after having this registration we need to create um now you have the login already so let's see when you have to login and this is now you can do here is you have to create a logout component so with a log out component let's go in there right click and now add raise a component now this is going to be a log out so log out that's Razer now in here you have plug out a couple of days and in basic now the route is log out that's the direction the routes and let's inject this eye service and we are calling a log out over here and we navigate to the index okay that's the home page so when you log out you go to the home page and record this log out now this longer is going to set or remove the access token from the local storage and also set the claims type of name which is the email as now as anonymous save this and yeah we are almost done what we have to do here is you can display you can create a login display to display the either login or logout okay so and that's going to be login display so let's create that so we can use that component so add new components and this component is going to be login display plugin display now with this component that is what you want to do so we want to just check the simple method so now this authorize View and this authorization open and close if it is authorized we want to use contest that is when it is authorized so hello then contacts.usa dot identity then pass my name now then see here that's going to be what the person's email then we can display log out if not register and login okay now let's see so using this price View so using this authorized View and let's see what we have to authorization okay so we have to use this and let's clear this up okay so this is working now when you call for the contest it's calling for the current state okay user from Identity user then we take the name and I received this so the next thing to do here is we have to include the this login display you have to include it into the main.cs file okay so unless you have to go about that now main layout let's go to the solution Explorer now shared projects so set projects all right now main layout and now on top here let's display so that's login let's see if it can plug in display that is this one okay let's see that now we agree so let's save application and now let's see what we have so the next thing that we can do here is we have to register at services so so in order for this to work we have to register our services until then we also going to have this reload error so let's go to 200.cs file [Applause] well we're doing it open that's the Microsoft SQL management Studio is that cancel minimize that okay so let's see with our program.cs file for the client and take note we have to add Builder that Services Dot and Blazer local storage that's the first one we have to add Builder dot services dot add authorization course so that's the current one then we have to add this perioda that services that's yeah we have to ask group so our school now this ask of you need to provide an Authentication service provider and that is right here do you have it okay so the engine service provider and I remember that with this we created an odds isn't it so if you learn API application State provider so we have to we create a dependency injection so they saying that anytime this interface is called create an instance of this API sorry of this API this class anytime this is called create an instant request this it is depend on this for implementation oh this will depend on this because when quite a method in this each root explanation can be called from this API so this method so when you create an instant of this when method and this is called you can now get into this instance um method and then get it and utilize that okay so that's what dependency is about now we have to add one more so Builder dot services dot add scoop now it is our scope that's it I asked service and the name here is what odd service rather than kissing service and that's the last watch one so we have done this now let's wait for opportunity to get refreshed and see what we're gonna have now okay so now it's not reloading let's wait and see I'm gonna have this error or you're going to be cleared off now and that error is gone good so you see when the page loads we have register and login now login right here please enter your details now this email now remember that we have registered account already okay so that's at user at user or Etc so let's go in there and let's try to grab this so email.com and the password is admin at one two three before you click on submit let's click on inspect and our Network no application the car storage so now we see we look after storage nothing is here let's click on submit and see see what happens here so we wait once you have a message on top or you're going to read that as the home page now you can say welcome now because we have hello username then you have to logout and about that now click on them now you see we have hot token so these are talking generated now okay this attacking Knight ends with nine u now that's not you let's go to let's try to access a method here so click on network and now fetch data is there that is a controller now you see we have authorization that's the better and ends with nine u then we have the cookie as well all right now if you see it is working now now if I decide to click on logout see what happens here now that's going to go off and it's also going to go off so let's see now the first one network this is if this authorization bar is going to take off now let's see right here so you see this over here isn't it let's go to application now you can see that is off let's go back to network now if we try to get it again oh let's see we try to refresh this application and see what happens here First Data offer data controller now you see the authorization is gone left with the bookcase only all right okay so um this video has taken a little bit long but it's actually important to understand the concept and to know it don't worry all the codes that I use I'll just leave them a link from the GitHub and another description you can just click on that to grab all the code maybe you want to check yours and see what you have what you got and errors or you just fix one or two things in it and as far as I'm going to leave it as I'm going to be available as well so thank you so much for being with me with this long time and I believe this is helpful to you and hopefully I'm going to catch up the next video by please don't forget to subscribe as well say and give me a thumbs up in case you like what I'm doing okay thank you for watching see you in the next video sorry so in the next video do you know what I want to talk about that is you're going to specify if this button can be accessed by administrator or user that is a real base so don't forget for the next one make sure you subscribe as well so you can get that video as well and read and watch it as well and practice so you can whenever with that in your application to have a complete ah [Music]

Info

Channel: Netcode-Hub

Views: 4,375

Rating: undefined out of 5

Keywords: asp.net core, Registration, send email using mailkit, mime, controller, service, email service, web api, send email through web pi, smtp, SMTP, pagination, entityframeworkcore, EFCore 7, skip(), local storage, blazored localstorage, window.localstorage, scalffold, scaffolding, migration, database migration, creating models, fileupload, blazor fileuploads, file download, blob, javascript, file download in blazor, crud, sqlite, ef 7, authentication, blazot, client-side, jwt, token, password hash

Id: Q1WO9OfTiX0

Channel Id: undefined

Length: 113min 32sec (6812 seconds)

Published: Sat Feb 18 2023