Send JWT in request headers of swagger in Asp Net Core WebAPI projects

Video Statistics and Information

Video

Captions Word Cloud

Reddit Comments

Captions

when you have an asp.net core web API project you can use JWT or Json web token to implement authentication and authorization and in order to manage your access to your backend resources you need to send this token to the backend with your request headers so normally we have two different ways to test our backend project Postman or swager with Postman it's easy and I have another tutorial and in that tutorial I showed you how you can do this using Postman the link of it is in the video description and also we can use Swagger but the problem is we don't have access to the request headers in swager in a standard implementation of it we have the Swagger in asp.net cor projects but we cannot send token with it so in this tutorial I'm going to show you how you can do this and how you can send a token with your request headers to the back end using asp.net cor web API swag here and let's go and see how we can do this well this is the project I'm going to use in this tutorial and you can download this project from my GitHub repo the link of it would be in the video description this is an simple asp.net cor web AI project that related to my one of my other tutorials and also I put the link of that tutorial in the video description so you can see it and that's it so I can simply go here and I clone this project using this uh copy URL to C clipboard and that's it let's go and use it well I downloaded the project from the GitHub and open it in Visual Studio 2022 and I can simply open it and I right click on the project and I use build to be sure that everything is okay and because I have this project in my system I don't need to have any migration but if you want to use it for the first time you can use migrate commands but it's not important and in this tutorial our focus is just on the swagar so let's run the project and see what do we have until now well this is it this is a normal swagar and I assume that you are familiar with the swagar so you can see that I can have register login and other functionalities for example I can log in with a user so let's try it for example I have a user of madahi van and also a password of this and if I execute where you can see that this is a successful uh login and I have a suced of true and I will receive a token so let's use this token and we need to send this token to the back end to have access to the resources that needs authentication for example here you can see that this is a test uh get user role which is uh a simple get method of as. net core project so if I say execute it will receive 401 and it says that we need to log into website to have access to it so we can use Postman but in this tutorial we need to send the uh token to the back end using the Swagger normally we don't have it but we can add it simply so let's go and add it to our project so I go to the program. CSN this is the heart of our project uh control panel some sort of it and here we have access to everything we want for example here I have to add the database and then adding identity they are all from my previous tutorial and you can find them in the uh video description if you want to see that tutorial but it's not important for us after this we have this add authentication and jwtb we add them to the services and then we have the inject of the uh Services which is a dependency injection part so let's press enter here and after this injection we have the pipeline and we build our app and then we we can use some other middle ws and that's it so before this uh Pipeline and after injecting our services I want to add that headers to my Swagger so let's do this how we can do this it's too easy we can use the Builder do Services dot at endpoint so we use builder. services do add endpoint API Explorer and that's it so we will add the API Explorer and points to our services and after that we can add another one so I use Builder do services do add swager generator or at swager gen and here I need to have some configurations so here I will pass some options to it and then I open a care Liber to have some options so for the first one I use options. add security definition for the security definitions we can add a beer to it and after that we can add a new microsoft. open API do models do open API security schema and let's open a klyber here to add some fields to it for example we can have different configuration for example for the name I want to use authorization that's it and after that I can have in so I want to use header so I use microsoft. open API do models. parameter location do header so we have query pass the cookies here I want to use header so I will send my token in request header that's it and and we can have a description to show to user we you will see this description soon so here I want to use this is it so we need to send it this is just a description to help our users we say please enter your token with this format beor and space then the token and after that let's have a type for it so for a type we can again use microsoft. open API do models. security schema type. API key and then let's have a be format for it which would be JWT and also let's have an schema which would be BR so this is it this is for the add security definition in these options and after this we can have add another options for example we can have options. ADD security so uh on the top we had add security definition now we can use add security requirements and here we can have a new microsoft. open api. models. open API security requirement you can see that with typing just the first letter of each section I have access to it open API security requirement and let's open a cly brace to add some options to it and again you need to open another kly brace here and here we can use a new open API security schema and open a k Liber to add some options to it for example we can add a name and for the name we can use a beor and then we can have in so we can have a parameter location. header and also for the reference we can use a new open API reference and here we need to open another care here and we use the IDE of be and also a type of reference type do security schema that's it and after that we can use a new list of string this is it exactly like the documentation of it so this is it I think everything is okay now let's stop our project and start it again and check if it's work or not well this time you can see that we have this uh icon here which is a lock and here you can see that we can add token to them and also we can have a general token here on the top so I have this authoriz and if I click on it you can see that I have the be API key and here we have the description of please enter your token with this format be your token and that's it and the name is authorization and it is in header so let's copy one of them so let's use login again and I want to have a token so let's say I'm copy paste so using a username and the password I will receive a token I can send it so let's go here to the authorization and here we need to type beor space and I paste my token authorize well now you can see that we are authorized so let's go and check this get user role again to see do we have any or not oh yes you can see that we received 200 and we received the list and this list is not important we are just checking the access to it so if I log out from here can I have access to this if I execute I will receive 401 and it says that I don't have access to it what if I use an invalid token for example I use a be space and something aoriz close do I have access to it let's execute no 401 that's good and it says that we don't have any access to it that's good so again if I go here and I log out and I use be space and paste my token again and close and execute well 200 so you can see that now we are receiving the uh list from the back end and we have access to it and if you check it here inside of this curve you can see that we are sending this header to the back end which is authorization equals to beor andace and then this token that is sending with our request headers to the back end and that's it I hope this video helps you have a good time and goodbye

Info

Channel: Dev Empower

Views: 496

Rating: undefined out of 5

Keywords: swagger, asp.net core, c#, .net 7 web api, asp net core web api, asp.net 7 api, asp.net api tutorial, asp.net core api, asp.net core api crud, asp.net core api entity framework, asp.net core web api, aspnet core web api, dotnet core web api, dotnet core web api tutorial, entity framework, rest api asp.net core, asp.net, .net core, web api, .net core web api, jwt, authorization, authentication, role-based authorization, asp.net web api, .net, jwt authentication

Id: b98YDiSOn_w

Channel Id: undefined

Length: 10min 48sec (648 seconds)

Published: Sun Dec 17 2023