Unlock Security Marvels: .NET Blazor WebAssembly - Auth, Roles, Refresh Tokens! 🚀🔐

Video Statistics and Information

Video

Captions Word Cloud

Reddit Comments

Captions

Hello friends and everyone you're welcome back to net Cod Hub channel thank you so much for watching this video now I made a video on Blizzer web assembly custom authentication and authorization and I did not include refresh token so I had a lot of requests asking me to do that and I'm going to talk about how to include a refresh token in custom authentication and authorization in Blazer web assembly so if you have idea of implementing um authentication check the time stamp you can skip to the section of refresh token but I suggest you watch everything all right now if you haven't subscribed to the Channel please do so and also you can um click on the notification icon as well so as soon as I upload new video you also get it give me a thumbs up to this video if you think it's helpful to you check the description and I'll put the source code of this project to GitHub so you can just check the description get a link click on it and you can clone it from the GitHub and review as well so maybe if today is the first time of watching this video you might ask yourself what is actually refresh token it is simply a mechanism to authenticate user once and the subsequent once the system get itself authenticated with the help of the client browser local storage now as soon token is created it has LIF span maybe one day two days and when that day is due the token expires it means that this token can be used to make a call to our API therefore the user needs a new token now in order for user to log in by himself we rather handle it with the code so as soon as the token expires we initiate iate it a different call to the API with the expire token or the refresh token and now get a new token and assign it to the header of the request which going to be used by a client to make a request to an API so that is it all right I've made this already so let's go through it quick then we start with the project so we see from here that we have a database open I have three database table and that is going to be the registration token info and this the user Road registration to handle or registration of user token info to handle or refresh token token expired date and the user ID related to that token when talk about the user row as soon as you create an account you have a ro name and also the user ID so you have either administrator or we have um a normal user you can add a lot of rows too now with this three table let's try to see if what they're going to contain when we try to register or create an account here all right so I'm going to last so there's a app here now see as soon as you Line the app and you are not authenticated you see we have hello guest now let's register an account here and I try to log in so let's pass in just any name I'm going to put net code up and I'll check here for the email address if you start with an admin automatically it's going to assign you as an administrator so I'm using an admin and admin has to register once so let's passing just a password over here so click on register and now um vest has been registered you see we have there's a index over here from the database and let's see so when you click on login before that when you go to user row right let's refresh it and you're going to have um administrator so here you have row name as user and now the the user ID is four all right so we have real name as user user ID is four now let's see from this registration let's refresh this so you can see we have the name and the email that we we provided the Tok as for the token it is not yet generated okay now the next that we're going to do here is we are going to login all right so let's go to [Music] to the same app and the login let's provide the the name so admin and then the password over here so you click on log in you see we have hello admin you have this as the the icon that you can switch to log out now you have info this going to be assigned as soon as you log in as user now check this when you come to token info the token has been generated and I have a new token over here so this is a refresh token and this is a token expired date all right now how would you know this token is working when we check this let's right click and I go to inspect element by default this token has to expire within a minute or so so let's go to network tab let me expand this so you can see from here have this drop down and if I click on this my info here we are getting this request or this response from the server so you have your name and then your email sent to you so when we click on this you can see we have this authorization that's a header for the bar token we have it set over here now can see there is the last one is a CI that is the last token you can see it's over here when you go to this application you're going to see this token now this token when it copy this you put it on a notepad and now check it to work see we have this is a token and we have the refresh token so this is the refresh token too so we have two tokens refresh token and we have the actual token that's authentication token all right now let's see so let's see let's try again and check if the time is up I'm going to click on this again okay so the time is now up let's wait so I'll just pause for some time to happen then we're going to click on this again to check if as soon as um the token expired a fresh token can take over and make a request to generate a new token for us all right so um let's check it now think are min minutes have passed so let's see now if I click on this um my info let's you can see we have this um red thing here let's check it out when we click on that you can see we have 401 that is unauthorized but as soon as it checks and it is unauthorized a new call was made that's a get new token and let's see this is the old token the old token was the CI Now call was made and now to get a new token and you can see it was okay it was a post method and return okay of 200 status code and you have a new call now let's say the token now the token is here is PQ right so we see a new token has now being generated and assigned to the header of this HTTP client so when we make a call again now everything works so you see the same token retained and that is it now when we check this application and when you grab this let's get the notepad and now let's spacee this here if we extract the token from it you can see here it ends with PQ and now this ends with um where is it and ends with CI right so new token has been created and also added to the header of this HTTP client so let's first have a look on um how to do this so let's stop this and let's create a new project so file new project and that is it so we're going to choose Blazer web assembly and that is this stand alone so we click on that and now the name name of this project is going to be demo and demo Blazer was authentication and authorization with refresh token right so that will be the name for this project okay so when you go to get up check the name up and this is the name that I'm going to use and the get up okay so let's click on next and now the free version that we are going to use here it is 7.0 so we click on that you make sure we include this Co Hoster to have the the class Library the server and the client as well so once you have this project created the next thing that we're going to do here is we are going to install packages that's a n get packages and that is what we're going to use to do this now what this I'm going to do so we go to the client we have to install packages to the client and also to the server right so let me expand it now this client I'm going to right click and I go to unload project now in here where we have this package um item group I'm going to paste in this so make sure you install these packages to the client section local storage and authorization um HTTP features and also you need um Json and also this Iden mode. token. JWT all right now the next thing to do here is let's go to the server to and now with the server we also have to install some packages to the server as well now we go back to the server I'm going to right click on it and I'll go for unload project and now within this item group to I'm going to paste in this so also pause the video and I install these packages as well all right now save all and I'm going to okay let me do it again save all solution then right click on this project reload with dependencies and I'll do the same thing to the server as well all right so by doing this these packages are going to be installed now let's build this project to restore the packages that we have added all right so you can see that it is successfully built now the next thing that we're going to do here is we are going to create our models and these models you're going to do them in the shared project so we go to the shared project and we're going to create a folder and I'll name it as model so let's quickly go to that place that a shared right click on this add the folder as model and in that that we need to create login model registration model and also um register model so let's quickly do that so add new class and now the name of this class this login model so in that we have this we do same to the registration let's create a registration model or register model so we go to the same place okay then we have um register model so the reason why we are creating this model is we're going to add one property such as or that is the confirm password we don't want to St confirm password in database so we need to create that model and I'll add it so when we want to add to database we assign it to the register model see we have confirmed password and we want to remove this this for just um checking up to see if what the user provided is what he wants okay now aside from this let's see let's include the component model and now the last Model that we need to create that is a user session and this what you're going to use to store the token and the refresh token in the client browser local storage so we can just we need just two uh properties in here that is the token and the refresh token okay after doing this we need to also create model to the server and now these model are limited to the server that is what we going to use for the authentication so we that's why we did not put the shared project because you're not sharing between the client it is for only the server so it is limited now let's create a folder to the server and then maybe we can name this as authentication and now within this model Orin this folder we are going to create token info so let me just add model to this so add a class here and it is token info okay So within this class we have this ID user ID um the refresh token and also the token expir we're going to start this so aside from that we also create Row for that so we also want to stall this row so as soon as us a register we have its row assigned and we want to have row name user ID and now since you're going to start create a database table we need to provide this ID to it all right now let's create our Ed dator folder or that's a context class and now you can do that in the server by creating a folder in here as data then let's add a new class as app DB contest now within that class it has inherit from DB contest class from the ENT framework call that we installed so you can see it has added from this EF call that we installed and these are the tables that we need so we need three tables the first I'm going to handle the user basic details second handle the the token info and the third one going to handle the row we are not storing the GWT token here we are storing only the refresh token okay so that is what we are doing now the next thing that we're going to do here is we let's set up a database connection string in the up setting. Json So within the app setting. Json we go to solution then upsetting. Jon okay so we have our connection string over here and the name of the database is let me add demo DB we have uh this is the connection or this is the settings that we need for the token we need the key over here and we can Generate random keys from this site and the keys should be at least 16 okay at least but could be more so and we have the issuer and and the audience so this is the local host and the port is 7054 so to get your Port you go to the server and you go to properties lunch set check for the https so it the same over here as 7 54 so you can just maintain grab this and you can just go in there and I'll keep it so 7054 just replace it for the issuer and now the audience okay now once you're done with this the next thing to do here is to register the database connection string and the authenication in the program.cs file okay so you have to go to the server program CS file here and now before this app. buil here we have to register a connection string in here that's a database connection string so let's let's register that and asside from this you can see the name we are getting the connection string from this up with the name default so you can see when you check here that is a default connection okay and that's what we are getting if not you throw this exception and we using this SQL server and this is a class that we created okay and the next thing to do here is we have to add the authentication settings registration as well so let's add that service and we adding this authentication Service by adding this GWT Bearer so we validate issue and the audience and the lifetime so here to get the issuer you see here we need to get from the Builder that configuration the section name is for the GWT now the key here is the issuer when you check this you see we have this over here okay and now we have the the here so there's a one that you want to refer to okay now once you're done with this what you need to do here is we have to add authentication and authorization mware Pipeline and this can be added here so down here you add the two check the arrangement well authentication first then authorization second okay so we are done with this what we going to do here is going to update or going to add database migration but before that let's build a project first so after successfully built this we're going to do go to package manager console and click on the tools you get package manager and I'm going to find it over there okay so in here you're going to add- migration and add a name first so before we do this I think we have an error here let's check here settings so go to set this server a startup project okay then let's write it again and let's see so add- migration and the name that I'm giving is first so let's check it up all right so you can see it is now done now let's go to update database so this is going to run this um EF code is going to run this migration file here to create this table into a database and I create a database itself so let's wait all right so this is also done so database is sucessfully created now you can save everything and maybe you can close all of these now what we're going to do here is let's create the controller so we're going to create an API controller so I click on the controllers folder and now in here you see me we have this weather forecast let's change this to authentication controller and now when it come in here let's remove all the method here we don't want them so what we're going to do here is you're going to create a fat controller you're supposed to create a service and where by this service or this repository be called in here but since we doing just authentication and authorization then we can just put it in here so let's first create a Constructor and I inject our configuration and also um inject our appdb context class so we can have access to database and also the app setting Jason file to get the GT settings or the section that we added aside from this we create um public endpoint and now this public endpoint the first one I'm going to talk about here as an account registration so if I want to register an account what am I going to do so as you can see from here the route is it is a post as a verb and the rout here is register is coming in with a registration or register model now check if user email contain admin and admin row is already occupied so you can see here we create a row right here then we check if the name of the email starts with admin then we're going to check to the the user row and see if admin is found if it is found then you're going to return admin already registered but in case it is not then we assign this rule to this admin else then we're going to assign this R to user so here we can add else statement here so as soon as your email start with admin automatically you're going to ass sign admin to you but it's going to check the admin has to register once okay so that's the first registration by the administrator the next one going to have admin already registered now here we check if the email is already in the registration form so after ass signing the row we're going to check is your email already in the system if yes return this if no then we're going to add registration by creating a new register model we just grab the email the name and the password and the password we are going to encrypt this so in the first of the previous video I made we have to write a code to encryp this by here we using this a b.net to encrypt it and now here the algorithm that it is using is sh 384 okay so that's alth that it is using if you want to um use a different algorithm such as the 512 sha1 and I've made a video on how to use this b.net so I'll put in the description you can just um click on it to to check more okay so this what we are doing over here now you can see from this that we are saving the row so after saving adding this registration table we are going to save row so save the row assigned to data database now this what we are doing we are creating this user row. add okay so do add let's add this this supposed to Authentication model so we are referring to the model that the user row model that we created and I we assign the row name to row and then the user ID to this entity. ID when we when we save it you can append an entity to it so we can have access to the current data that has been assigned to the database and we are going to retrieve the ID and assign to this model so we add it and I we save return the ID of the user to to the person right so you can maybe you can check up and I'll use this ID ID to display a message the user or other stuff all right so this is for the registration now let's see for the login system if I want to log in what I'm going to do so let's handle the login as well so for this login you can see I added some attribute right here allow Anonymous it means whether you authenticated or not you can still have access to this okay because this a public API that anybody can have access to now you can see it is coming with this payload that's login then check if this email exist so we check if this email it is in the database if it is not then return and let's also check we have to also check if the password exist yeah so we have this um that is a we using this the bcrypt so we are going to verify so to write a whole bunch of code to verify no this what we are doing using this package and we verify we provide the raw password and this is encrypted or the hash password we can get this hash password from the data that we we made here the query that we made here we can get the password in there aside from that in case it is true this is going to return boan expression as either true or false in case it is true then we want to go into that way in case it is false then you see we are returning null over here now in case it is true what is the next thing to do we want to get that user specific row so we can use to create the token so we get the row stable but we find the user that can just get the token so generate token we pass the user email and the the RO name so these are the claim that we are using for this token just two claims the email and the token no the email and the RO name and also after generating this token we want to also generate a refresh token because they must go together now if the user has already refresh token already or if the user has created or logged in and has um refresh token already we make a search out of it in case it is there then you can see we are going to update it so this I'm going to update see we assigning this field to the current one here then we save changes and also assigned the the expired date and also the same thing applies to this you can see if it is not it is now then we create a new you can see we are adding token info table do add new token info then we populate the the variables in there the properties in there refresh token user ID and I'm toking expiring here we adding one minute and then here we are adding seconds wow so it's supposed to be the same so let's make this as one minute for this purpose I mean it to be okay all right then we save changes and I return token and Al return the refresh token so when the user logs in successfully it's going to return token or the refresh token and henceforth you can just go ahead and now save this token and the refresh token into the client browser local storage all right so we have these two me generate token and also generate refresh token let's get them done so in here let's grab the tokens so down here let's see where the token is okay so let's paste this here now from this refresh token is just one line of code we are converting to be 64 string and generating random numbers of for 64 bytes as you can see from this and this going to return the token that's a refresh token now to generate the token you can see we accepting an email and the RO name we get the security key from the key that we specify in the app. Json then we create a credentials by encrypting this key with this algorithm name and also we provide our claims remember that we are providing two claims username as an email and also the road name and we formulate our token creation so issuer audience claims and everything we add expir date as what 10 seconds so our token has to expire in 10 seconds but I think this is let's add so here add minutes right so let's say let's add one minute and now for this refresh token let's add 2 minutes because here the refresh token may stay longer the the real token must stay shorter Okay so there's no instance whereby the token the the real token will have and a life span longer than the the refresh token no then let's so after that going to return as a string as you can see from here there a return type as a string all right now once you're done with this we can create and these are the login and the registration the public um API endpoint so we can create private API endpoint now now this private API endpoint needs an authentication before you can have access to and we have even specified using the RO base um method so we can also assign even not all authenticated users can have access to the first one here it is get new token that is when a refresh token is being made here getting a new token and as you can see from this attribute allow an inos everybody can have access to so we are getting we check the incoming session here this session has to come in with the token or the refresh token although the refresh the token is has expired but we still need over here to get the claims from that token so we get the token from database and check if we have it over there in case we have it then generate new refresh token if the token uh refresh token date has expired then generate new token so see we create a Str refresh token then in case the token expired date is lesser than today's date then generate a new one okay then after doing that generate a new token by extracting the claims from the O token the O token can be found in the user session so we are extracting the email and the Rogue remember that when creating the token we added only two claims so we extract them here then we call this generate token passing the claim that we have here to get up a new um token as a new token here then update the refresh token in the database so you can see from here that we want to get the user from the registration then based on the user you want to get the token user from the token info then we want to update the token refresh token date and also the refresh token itself so that we keep track of all the tokens all the time so here user has to have one record of um token a refresh token which keeps updating itself anytime a new token is generated or new refresh token is generated but normally you can actually keep them so that you can know the number of times user has um called that method okay but for now this just a practical aspect too you can also do this or do that any one that you want you can do it as well now after that then return a new token so you can see token is equal to new token refresh token is equal to new refresh token so this method is going to be called which going to extract claims from the token o token which is which as which is dying dying or which is dead okay then use the claims to formulate a new token and I return to the user all right so aside from that we also create this private API end point2 now here the RO here must be an admin if you're not admin forget it and here if you're not user you forget it here you are return the number of count the user the number of user that we have in the registration so we are counting it and now here we are just returning the in this can be done by the user and it is accepting an email then make a query from the registration table get the email information and return so this what our um API is going to do so now let's work on the client section and we're going to create a service with an interface and implementation for that okay so we can just close this we go to the solution and now in here we can just close a server so now we are done with a server then let's work on the client section but first of all this we're going to do we are going to create a folder in the client and I'm going to name it as CLI services and this folder is Client Services we are going to create an interface and implementation class in here so I click add a new class and I make sure you choose choose an interface and now let's space this you want to have just four interface two public method and to private method or protected methods so this what we have registration registering account a login aing these are public anybody can access without even an authentication header then for protected you need an authentication header and also you need a ro to be assigned to you either the user or an admin to have access to this okay we save this let's create a class and this is going to be an implementation so I'm going to grab this then solution right click on the same folder this time around we are going for a class and it is client service so within this client service what are we doing first here is we're going to create a Constructor with local storage and our token free HTTP client instantiated so let's see now you can see here we created Constructor here for client service we add our ilocal storage service then we include this HTTP client over here now this HTTP client here is header free it has no authorization header on top so this token or this HTTP client here has no authorization header okay so this is a free one that's why I said is token free HTTP client all right so aside from this let's create our public method um which do not re reir any token now in doing so it means we are going to use this HTTP client so there it we log in a sync we call this API and that's our route here authentication then we log in it's a post method so we uh specify or we add the the payload Here and Now from the response you can see it is coming in with it's coming out of for user session so we have to handle that and a return and also this register account here turnning an object that is an integer or a string so that's why we don't want to specify that so we made an object to handle anything okay that's for for the public one now let's look at the protected want so the protected want we need to create a new HTTP client whereby we can have access to the token and append the token to the header okay so we can call so from the protected method which need were token get user account you see from here that we are creating an instance of this secure client then within that client this client here is coming in with a authorization header app to okay you make a query or a call from this then we check if the status code here is not equal to unauthorized okay then you want to return the results as soon as it is unauthorized it means that either one the the header or the token has expired and in case the token has expired then this is what you want to do jump to the next one call in for get new token and now this method call this method itself again start the response and I return the response this very simple thing so there's going to like a um a cyclic event um as soon as the it is unauthorized it's going to call this method whereby this method is going to call the API get a new token and now append the token to the the header and use that header to call this service again so in such case a new token will be appended then we make a call we get a response and I return the same thing applies to this you see they all the same thing and that's what we are doing okay so where from this secure client it's very simple method that we created let's let's have a look here so for secure client let's first look at the general method that we need and that's where we can have access to the secured client as well so I'm going to copy this and in here give a space and I past it here so these are General method that the they going to be called often so that going to be called frequently so see this is a get new token and as you can see we get a token from the local storage and now we return if they are now in case it is not we get we push it to the API then here we are distalizing it you know from the we want to serialize it in a one string format so we can store to the local storage so as soon as you get from the local stor you have to distalize it into an object so since we have to post an object to this API we have to visualize it to get an object okay then the response that is coming in here we read it and now we have to serialize it again then remove the old one from the the local storage and now insert the current one after that call this method secure client now this is secure client method as soon as you get it called it's going to also retrieve the data or the token from the local storage and now visualize it and also add extract the token and appen it to the header as a bearer append it and I return this client so as soon as you call this it is returning this HTTP client with um a header or authorization header added to this HTTP client header okay now this meod is going toize it and also this meod going toize it so you see all this meod you can actually put them in one um um class where you can just register them and now be using them but you know I don't want to confuse you let's maintain this okay now so we are set with this everything is set so the next thing that we're going to do here is we're going to create a custom authentication State provider and this provider going to tell it's going to be call frequently anytime um you want to do page navigations or login or log out okay so so it checks if the US authenticated or not so we do that let's create a folder here um new add new folder let's give it a name as authentication and now within that you know we have to create let's name it as custom authentication State provider very long but it's meaningful so custom authentication State provider and now in here you need to also create a Constructor so let's generate our Constructor in and now this class has to inherit from authentication State provider so we put it over here and you see we are injecting this iCal storage now there's a method that we need to override that is known as get authentication State a sync so let's overwrite that method and in doing so we can have this method so this is a method that we overriding and I can see from here we get a token from the local storage now this token is has been um serialized okay so when we have this token this is what you're doing in case it is now then return Anonymous you see we created Anonymous here as a claim identity with no claim so it means that as soon as we pass in this Anonymous user is not authenticated so in case the storage the the token from the local storage is now to it means user is not authenticated that return this but in case we find something then since it is serialized then go in there now deize it so call this method disiz user this method has been used in the client service that is why I said we could create one base class and I be using it but don't worry we're going to make a copy and paste and I leave it put it over here then aside from that we call this get claims from JWT so the token that we have you want to extract the claims so we can assign to this claims principle okay which has the claims identity okay so first of all we have to disiz it after distalizing get this you're using the two which means you're making an explicit what outcomes email and AR R that's what we are expecting from this claim method passing this token then aside from that call this notification State and now passing this set claims principal it's also a method that we need to do by providing the email and the R so we're going to have the is authenticated let's have that method so after creating this the next one is we have to update the token anytime um user logs or locks out so you can see from here it is acception user session and now in here we create a claims for principal and in case coming in here in case this is n then we want to remove it so that is if you pass it now to this object it means user has now logged out to remove it from the local storage if not then also um get get it from the no set it to the local storage so from here set item is sync we provide the key and the value weize it and I we store it over there we can get the claims from it then we also set the um claim princip part to this at the end of the day then we going to notify this as soon as you notify you can see this claim principle going to handle with the email now the the row as the claims then it's going to refresh the application and I make the user authenticated um um access okay so now we have this so let's go in there and create this method so so this I call them General method so the first one that we need to do is we are going to talk about the set claims so this is going to set claims it return the claims what principal we input email and the r and I can see we are setting it over here and I return this CLA principle the type of order that we using isw you can just rename it to any name that you want the next one that we are doing here is we want to um get claim so here here we have to extract the JWT decrypt it or decode it and now extract the claims from it so you can see from here we decrypt the the the token then we extract only the claim section then we we look to it and then get the rule and then the user the email okay from here then you return the email then return the row as well okay then the next the last one here it is the same method that we use in the client interface and now within that it is just decrypt and now seriz and now disiz this we've done this already that's why I said you could have put this in one class I don't worry put it there and let's move on okay so we also done with this authentication State provider the next thing that we're going to do here is we have to register the service that is authentication State provider and also the interface and the class that we created you have to put them in the program.cs file so within the client CS file let's um do that in there so inside that you first have to include the service let me just have all these we first have to register this add B local story you have to register that we have to add the scope of this I service and so this client service and we have to include this authentication State provider then we append our customer that we created after that add authorization core okay to to this now this is saying let's see so I client service service control period okay let's check it out so we go to solution and I service for the interface public interface we have that set the client service this has to inherit from this I client service okay so that is set and this going to yeah all set and done the next thing that we're going to do here is we are going to update the app. Razer so let's update that and we have to use the cascading authentication state to to cover it to contain that and that's we're going to use for routing so you have to check all the time are you authenticated if not then we pass it to the right channel okay so cascading authentication State then we have to include it over here all right so after doing this let's see what we need to do next is we are going to create our registration component so registration component and you're going to do that in the pages okay so let's go to the pages we create a registration component in there we have our Pages then we even have counter so let's P let's change it registration component and now in that we want to use this so we inject our HTTP client over here and now even when you check we are injecting this I client service we don't have to inject this because we not using we using the service okay let's save this let's close this and open it again okay so yeah so we have this control period let's include the reference and as you can see from this we are creating just a simple form and with the name email pass and confirm password and I register so as soon as you register you click on the button we have to call the service and I pass in this model and I return the results to the user you see is very simp present it we inject this IGS run time then we invoke it to display and alert to the user now let's work on the login so the log is a very simple one that we are going to um create so inside the pages folder we are also going to let's change this fetch data to the login and now within this login we also have to use this let's say this closes up then open it again so we can have the color one okay now there's no HTTP client so let's remove it then control period let's include the name space for the client service then authentication state two let's include the name space as well all right so we have it set and this is the model as login model and now within that when this login is clicked we call this service and as soon as we call this service and it it Returns the object of user session you will see here we are creating we are calling the method in the Au authentication State provider that we creat that's the customized one then we append we call the update or state we pass in this object so this object here it is a user session as soon as he gets to that um the method he going to digize it and now insert it into or set it to the local storage and I navigate to the homepage and I refresh the app okay that's what we're going to do now let's go to the main layout now inside this main layout we are going to um enable the logout and create a log out function so go to the shed and our main layout in here let's space this here so we include a name space of this I normally have to close this up then re open it all right so we can see from here that you have the same authentic ation State we have to also include the name space over here now this is an authorized view so if you're authenticated then display your name and now have a button or have an icon as a logout in case you are not then display hello guest okay if we if you click on the log out here then you want to call this method update the method passing now you passing now here it goes to the method and now as soon as it is now it's going to remove from the local storage and now return anonymous so you're going to remove out from the local storage okay now let's see if this let's close this and reopen it again and check it out if it is what we want okay so we need to add this name space so we can have access to this all right now let's say so let's also go to this nav layout and now within the nav layout let's make some small changes in there so solution then this nav layout we are going to make some changes in here just that we are using this authorized view to cover the page so if you're not authorized you see you want to see register and our login if you authorized then see this if you're authorized display app user right and this is going to uh be done by the administrator so administrator can see this my info going to be seen by user click on this make a call here so we are making a service call A service here get user account and now here to get info we need to call a service and I'm pass in the the name the email so in doing so we have to use this cascading um parameter which from the upate and then we can have access to the user context then we can fish out the name from this identity we call this service and I pass in the get my info which requires um email over in there all right so um that is what we need to do so far now we going to build this project and I run it and test it out over there and see if everything is working then we say who we are done with that project so let's let's build it and see so see everything and solution explor right click now let's build solution all right so you can see that it successfully built now let's run this application and I'll test it out and see all right so you can see that it is now opening now let's see we set our token to be um 1 minute for for the expired date so let's register an account in here let's put in there a net code and with this I'm going to say admin at gmail.com and the password let's see so click on register okay so nothing happen let's click and see okay so nothing still happen let's check at database and see if that has been saved so SQL server and database the name is demo DB so tables now let's open the data the registration table and see so view data let's open the token also view data and let's set up for the row too view data okay so for the token nothing happened and registration nothing happened all right so let's let let's see to register okay so nothing happens now let's check it up and see what the issue is so when you press on F12 and I'll check let's see the route here from this register the route here it is an API authentication and register so let's check and see so you can see we have the authentication for the controller name but there's no API here so let's add the API all right so let's refresh this again okay so let's do the registration again let's see next code uh one two 3 one two 3 click on register and now let's wait for the response all right so you can see we have one now when we check the database uh user row refresh it going to be assigned as an admin since we had an admin startat and token info no nothing because you can see no token now when you check the registration we have the information over here with the password encrypted nicely and email as you can see now let's go in there and now login so let's try to log in with the same information now um with email address you pass the email address and a password one two three click on login and now let's wait so you can see we are logged in as can see you can see an app user and now here we can see an admin at um email.com so we can just log out here see we are back let's create another account and let's use um test and let's use red at gmail so WR at gmail.com so password the same password now click on register it must have id2 then let's click on login so um red then one two three log in and we see we are now so we see user can have my information admin can say get user account right and we can just log in so when we check the database table to we have the same information and when you check the row now you can see we have an admin set and now this is um let's user let's try to create next admin so let's sign this out and now which register let's see so this is TS okay the same test by this time around it is an admin at gmail right so let's even admin this and let's see the password to one two 3 one two three so register and I also you admin already registered so we can use that okay so now let's log in with the the red one this as a user so one two three click on login and now we in here so our token is now activated and now we have one minute I have um a watch here so let's see now let's go to let's make it in this form okay now U when you click on my information see we have my information here let's right click and I go to inspect element and now where you have this network tab click on this then in here click on my info the call is made and you can see from this call we have the token over here that's a bar token when you go to the application so when you go to this application and go to um Loca and now can see we have this token when you copy this token and now you open notepad so let's see if I have notepad now with this notepad and you paste this here you can see we have the token here this is a refresh token the token ends with the de you can see it's over here so it ends with d now when you check this token from the header Network tab you see ends with de so that is it okay now don't save let's wait for almost let's wait for the one minute to to up then we click on it to see if the refresh token is going to work as soon as the state becomes an authorized a new call will be initialized and we can now generate a new token for us okay so now let's try uh with a new request and now if I click on this yeah so we have it you can see we have the response over here and I can see here um we had this red now this red line is saying it is 401 meaning it is unauthorized as soon as you unauthorized what we are doing here is we call this method to get a new token and as you can see there is a new token that we have and now with this new token we app it to the header and I can see we can have a new token here that ends with um X y-1 when you check the previous one you could see it is different from it different from this all right so that is it that is a way out to create a refresh token there are so many ways of doing that this is just one another one to is you can also create a custom um HTTP Handler that can used to intercept all request and responses then we can append or check in case it is unauthorized then we also make a call it's also there so there this one maybe next time we're going to have time to also go through the other one as well and maybe similar ones to thank you so much if you think this video is helpful to you please give thumbs up because when you do that it's help the channel a lot thank you so much in the description and I'll leave a link to the GitHub so you can just clone the source code thank you and take care of yourself and I'm going to catch you up in the next video

Info

Channel: Netcode-Hub

Views: 1,040

Rating: undefined out of 5

Keywords: .NET, Blazor, WebAssembly, Security, Auth, Roles, Refresh, Tokens, Unlock, Marvels, Web, Development, C#, Tutorial, Guide, Step by Step, How to, Learn, Setup, Create, Build, Deploy, Publish, Host, Backend, Frontend, Client, Server, App, Application, Razor, Component, Communication, Data, State, Management, Storage, Sharing, Transfer, Passing, Sending, Receiving, Handling, Manipulating, Updating, Changing, Modifying, Altering, Transforming, Converting, Processing, Accessing, Retrieving, Displaying, Rendering, Showing, Hiding

Id: iHg5jwYkc3E

Channel Id: undefined

Length: 60min 10sec (3610 seconds)

Published: Tue Oct 24 2023