How to authenticate a user in a .NET Core MVC frontend, with a .net core identity framework
I have an ASP.NET CORE MVC WebApp with Identity framework. Now that we are also planning to extend our product such that we can provide mobile apps with xamerin, I decided to make an API so that we don't have to code the backend twice. We currently host our App in the Azure Cloud.
For the backend: I would like to use ASP.NET CORE WebApi but I figured that there is no such Identity template nor a native Azure Web API integration. So would it be better to use ASP.NET instead? I already created a basic login AccountController for .net core API.
Since I authenticated the ASP.NET Core MVC Web App via identity framework, I would like to also use that in the backend. So that you log in on the backend and receive a token, once you logged in successfully. I have to code to login the user at the backend and return a token.
How exactly can I authenticate the .NET ASP CORE Frontend? The user will query the login page -> AuthConntroller.Login-> Login method starts a call to Login Backend API -> Backend API queries backend-database -> if successful return true-> backend generates a token->sends it back to frontend-> frontend uses Owin so that I can use the [Authorize] Attribute in the controller classes so that I can authenticate the user?
Anything else that I have to consider when I'm using such an API design?
Thank you so much for any hints/tricks/links/recommendations on my dilemma.
Sincerely, Paul
c# asp.net-core asp.net-identity aspnetcoretemplatepack
add a comment |
I have an ASP.NET CORE MVC WebApp with Identity framework. Now that we are also planning to extend our product such that we can provide mobile apps with xamerin, I decided to make an API so that we don't have to code the backend twice. We currently host our App in the Azure Cloud.
For the backend: I would like to use ASP.NET CORE WebApi but I figured that there is no such Identity template nor a native Azure Web API integration. So would it be better to use ASP.NET instead? I already created a basic login AccountController for .net core API.
Since I authenticated the ASP.NET Core MVC Web App via identity framework, I would like to also use that in the backend. So that you log in on the backend and receive a token, once you logged in successfully. I have to code to login the user at the backend and return a token.
How exactly can I authenticate the .NET ASP CORE Frontend? The user will query the login page -> AuthConntroller.Login-> Login method starts a call to Login Backend API -> Backend API queries backend-database -> if successful return true-> backend generates a token->sends it back to frontend-> frontend uses Owin so that I can use the [Authorize] Attribute in the controller classes so that I can authenticate the user?
Anything else that I have to consider when I'm using such an API design?
Thank you so much for any hints/tricks/links/recommendations on my dilemma.
Sincerely, Paul
c# asp.net-core asp.net-identity aspnetcoretemplatepack
add a comment |
I have an ASP.NET CORE MVC WebApp with Identity framework. Now that we are also planning to extend our product such that we can provide mobile apps with xamerin, I decided to make an API so that we don't have to code the backend twice. We currently host our App in the Azure Cloud.
For the backend: I would like to use ASP.NET CORE WebApi but I figured that there is no such Identity template nor a native Azure Web API integration. So would it be better to use ASP.NET instead? I already created a basic login AccountController for .net core API.
Since I authenticated the ASP.NET Core MVC Web App via identity framework, I would like to also use that in the backend. So that you log in on the backend and receive a token, once you logged in successfully. I have to code to login the user at the backend and return a token.
How exactly can I authenticate the .NET ASP CORE Frontend? The user will query the login page -> AuthConntroller.Login-> Login method starts a call to Login Backend API -> Backend API queries backend-database -> if successful return true-> backend generates a token->sends it back to frontend-> frontend uses Owin so that I can use the [Authorize] Attribute in the controller classes so that I can authenticate the user?
Anything else that I have to consider when I'm using such an API design?
Thank you so much for any hints/tricks/links/recommendations on my dilemma.
Sincerely, Paul
c# asp.net-core asp.net-identity aspnetcoretemplatepack
I have an ASP.NET CORE MVC WebApp with Identity framework. Now that we are also planning to extend our product such that we can provide mobile apps with xamerin, I decided to make an API so that we don't have to code the backend twice. We currently host our App in the Azure Cloud.
For the backend: I would like to use ASP.NET CORE WebApi but I figured that there is no such Identity template nor a native Azure Web API integration. So would it be better to use ASP.NET instead? I already created a basic login AccountController for .net core API.
Since I authenticated the ASP.NET Core MVC Web App via identity framework, I would like to also use that in the backend. So that you log in on the backend and receive a token, once you logged in successfully. I have to code to login the user at the backend and return a token.
How exactly can I authenticate the .NET ASP CORE Frontend? The user will query the login page -> AuthConntroller.Login-> Login method starts a call to Login Backend API -> Backend API queries backend-database -> if successful return true-> backend generates a token->sends it back to frontend-> frontend uses Owin so that I can use the [Authorize] Attribute in the controller classes so that I can authenticate the user?
Anything else that I have to consider when I'm using such an API design?
Thank you so much for any hints/tricks/links/recommendations on my dilemma.
Sincerely, Paul
c# asp.net-core asp.net-identity aspnetcoretemplatepack
c# asp.net-core asp.net-identity aspnetcoretemplatepack
asked Nov 21 '18 at 16:56
PauLyPauLy
395
395
add a comment |
add a comment |
1 Answer
1
active
oldest
votes
If I understand the problem correctly this sources it might be little help:
https://docs.microsoft.com/en-us/aspnet/core/security/authentication/identity?view=aspnetcore-2.1&tabs=visual-studio
http://docs.identityserver.io/en/release/quickstarts/6_aspnet_identity.html
https://github.com/openiddict/openiddict-core
In such cases, it may not be enough Asp.Net Identity by itself. You can provide Auth server project these libraries for your client projects.
Thanks, looks I think that's pretty much what I need, I will read into it. Thank you!
– PauLy
Nov 21 '18 at 19:07
add a comment |
Your Answer
StackExchange.ifUsing("editor", function () {
StackExchange.using("externalEditor", function () {
StackExchange.using("snippets", function () {
StackExchange.snippets.init();
});
});
}, "code-snippets");
StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "1"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});
function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});
}
});
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53417070%2fhow-to-authenticate-a-user-in-a-net-core-mvc-frontend-with-a-net-core-identit%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
1 Answer
1
active
oldest
votes
1 Answer
1
active
oldest
votes
active
oldest
votes
active
oldest
votes
If I understand the problem correctly this sources it might be little help:
https://docs.microsoft.com/en-us/aspnet/core/security/authentication/identity?view=aspnetcore-2.1&tabs=visual-studio
http://docs.identityserver.io/en/release/quickstarts/6_aspnet_identity.html
https://github.com/openiddict/openiddict-core
In such cases, it may not be enough Asp.Net Identity by itself. You can provide Auth server project these libraries for your client projects.
Thanks, looks I think that's pretty much what I need, I will read into it. Thank you!
– PauLy
Nov 21 '18 at 19:07
add a comment |
If I understand the problem correctly this sources it might be little help:
https://docs.microsoft.com/en-us/aspnet/core/security/authentication/identity?view=aspnetcore-2.1&tabs=visual-studio
http://docs.identityserver.io/en/release/quickstarts/6_aspnet_identity.html
https://github.com/openiddict/openiddict-core
In such cases, it may not be enough Asp.Net Identity by itself. You can provide Auth server project these libraries for your client projects.
Thanks, looks I think that's pretty much what I need, I will read into it. Thank you!
– PauLy
Nov 21 '18 at 19:07
add a comment |
If I understand the problem correctly this sources it might be little help:
https://docs.microsoft.com/en-us/aspnet/core/security/authentication/identity?view=aspnetcore-2.1&tabs=visual-studio
http://docs.identityserver.io/en/release/quickstarts/6_aspnet_identity.html
https://github.com/openiddict/openiddict-core
In such cases, it may not be enough Asp.Net Identity by itself. You can provide Auth server project these libraries for your client projects.
If I understand the problem correctly this sources it might be little help:
https://docs.microsoft.com/en-us/aspnet/core/security/authentication/identity?view=aspnetcore-2.1&tabs=visual-studio
http://docs.identityserver.io/en/release/quickstarts/6_aspnet_identity.html
https://github.com/openiddict/openiddict-core
In such cases, it may not be enough Asp.Net Identity by itself. You can provide Auth server project these libraries for your client projects.
answered Nov 21 '18 at 18:48
mstfcckmstfcck
4033719
4033719
Thanks, looks I think that's pretty much what I need, I will read into it. Thank you!
– PauLy
Nov 21 '18 at 19:07
add a comment |
Thanks, looks I think that's pretty much what I need, I will read into it. Thank you!
– PauLy
Nov 21 '18 at 19:07
Thanks, looks I think that's pretty much what I need, I will read into it. Thank you!
– PauLy
Nov 21 '18 at 19:07
Thanks, looks I think that's pretty much what I need, I will read into it. Thank you!
– PauLy
Nov 21 '18 at 19:07
add a comment |
Thanks for contributing an answer to Stack Overflow!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53417070%2fhow-to-authenticate-a-user-in-a-net-core-mvc-frontend-with-a-net-core-identit%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown