I am trying to implement JWT Auth in my Core 2.1 webAPI. I'm still learning Core 2.1 and I have worked with MVC5 before. My question is that in MVC5, the AccountControllerwas auto generated along with all the controllers to handle the complete user authentication and authorization process. Now as I'm trying to implement the same thing for my Core 2.1 API, I've realized that they are no longer auto generated. I've searched around and have quite a few resoucrses that are teaching how to implement the functionality but, I remeber everyone would say to do not reinvent the authorization/authentication wheel and use the auto generated code provided by MVC5. Now I could follow the tutorials out there and implement the process myself but pretty much everyone seems to be doing there own implementation. Is this the correct way of doing this? I don't want to implement by following these tutorials and end up with a security loophole in my API.
I struggled with the same issue. I dont' know if it is good way to support authentication/authorization, but I found solution.
Generally web api should be pure api link. However when you:
1) derive form IdentityDbContext in DatabaseContext:
public class DatabaseContext : IdentityDbContext<ApplicationUser>
where ApplicationUser is your own class which derives from IdentityUser:
public class ApplicationUser : IdentityUser
2) do migrations, EF Core will generate for you all tables tha you need
Next, you must setup JWT authorize in your Startup class and create method in your AccountController to generate tokens. Really helpful video link
Is it answer on your question? Or I missed up something. I'm quite new in .NET
Collected from the Internet
Please contact [email protected] to delete if infringement.
Comments