ASP.NET Core Authentication Simplified

ASP.NET Core Authentication Simplified | .NET Conf 2023

Рет қаралды 48,458

dotnet

Күн бұрын

Пікірлер: 38

@acodersjourney Жыл бұрын

Your passion for what you do is contagious.

@olagisrarikis Жыл бұрын

I would love an example not using Entity Frameword. There are numerous scenarios whete EF is not feasible.

@maacpiash Жыл бұрын

Yes, I'd love to see an implementation of IUserStore (and other necessary interfaces) using Dapper.

@BrianHallmanac Жыл бұрын

@@maacpiashI would also like to see a Dapper implementation.

@sigma_z Жыл бұрын

Dapper for the win. 💪🏼

@shafo4384 10 ай бұрын

I can't have usernames, just emails. Allow us to register usernames + email. Please review your docs too, they are a bit of a mess. Can't find a simple tutorial on how to create an API for authentication with Identity. No explanation on how to do a Register, Login method, etc. Only Blazor/Razor stuff. Most people use React/Angular and just want a tutorial on purely .net backend, no .net frontend stuff. I wanted to create my own register method that allows user registration and was lost in those docs.

@jessewatson3187 8 ай бұрын

I’d chalk this up as a skill issue. After watching the video and skimming the docs I was able to setup both a custom user with username as well or custom login and register endpoints in under an hour. Perhaps the docs have been updated since then though so who really knows.

@larthallor Жыл бұрын

Feedback: I made it to 20:42 before I bailed. That this is the “simple” case and yet you two are tearing through what is clearly way too much content for the time allotted is an indictment of … something. Some combination of just how hard web authentication is combined with poor choices about what you chose to cover in the time allotted.

@vacc1001 Жыл бұрын

Yeah this was a dumpster fire!

@wagd Жыл бұрын

This is not a tutorial. It's a 20 minute summary of what is new with auth in .net 8. Auth IS hard, and auth for client apps is even harder. This video was perfectly fine for what it is. The angular part was a slight detour imho, but otherwise it was fine.

@EspenSkaufel Жыл бұрын

This is an overview over changes, not the simple case. I guess that could be clear on that. If you are looking for the simple way, try to look at the example that match your requirements.

@severalpens Жыл бұрын

'we already have Duende'.. 'most upvoted is SPA auth so we're going to look at Desktop and Mobile auth'. I gave up after that.

@kis.stupid Жыл бұрын

@@wagdit used to be easier. I also gave up on the PersistingStateAuthProvider. Not at all easier than our 40 line CustomAuthStateProvider to enable the . Which was already overkill.

@xanhxanh5097 Жыл бұрын

I love this update. please also do azure b2c roles next.

@Crisis742 Жыл бұрын

Yes please b2c

@marcelmuller9174 Жыл бұрын

Where can I see the code? Is there a github link?

@mdzakariamasud8326 Жыл бұрын

How to work with roles in this new identity api endpoints

@geraldmaale Жыл бұрын

It works the same as the previous. Just make sure to add the `AddRoles()` after the `AddIdentityCore()` ServiceCollection extension before the entityframeworstores and others.

@PedrooNL Жыл бұрын

@@geraldmaale Just adding `AddRoles()` does not bring the Role to the UserInfo at the WASM client. Any suggestion?

@agustinsilva7729 11 ай бұрын

Is there any way to add the Azure AD as a provider for the Individual user authentication in a blazor 8 server app ?

@severalpens Жыл бұрын

All I want is a B2C SPA with a back end. Is there no way they can just pivot Power Apps to just supply an SPA canvas for developers?

@MornyDevelopment 10 ай бұрын

Where can I find the code shown in the video?? To much of the code not shown to get the full overview on how to implement.

@manjurulkhan2308 Жыл бұрын

Sorry, what? Blazor server auth state magically gets transferred to client or vice versa? We need much more clarity guys!

@shahryarsaljoughi6073 7 ай бұрын

Stephan says that: "If you want to pre-render sensitive data that only an authenticated user can see, you have to do authentication using cookies." Why is that? Does it mean that JWT based auth won't work with pre-rendering? Could someone elaborate on this? I actually don't know how pre rendering comes to affect auth.

@Masteroxify Жыл бұрын

Why so many examples of authentication in Blazor use database ? Imo is the worst pattern, we should not combine database and frontend. Frontend should call the service on the backend to authenticate the user.

@fieryscorpion Жыл бұрын

This is amazing. Thank you!

@ArmanOssiLoko 11 ай бұрын

Why is there about 0 customization? Why can't you opt-out of some routes and why can't you customize what your registration model should contain, etc.? I am genuinely failing to see how this would help anyone beside students that are learning about this in school.

@agaviani Жыл бұрын

this video should have been much longer....

@ahmedhafiz2419 7 ай бұрын

I wonder why there's no option for Individual Accounts in Web API template. Thats the most important option 🤦

@minimalstory Жыл бұрын

thank you for the video, but transferring 30 megabytes to the client terrifies me, why no one likes to use blazor server....

@JibinMN Жыл бұрын

Anyone else got a feel that it gets more complicated ? Or is it the way the changes are explained? [ Not make sense to me and might be my fault)

@_miranHorvat Жыл бұрын

Yeah, I do. At the same time there is no improvement in security. TLS is the only piece to protect you. I create a simple shortguid for a login and then pass it in every request to the web services. And absolutelly no cookies.

@DestinationDub Жыл бұрын

Yeah - unfortunately this still isn't it... 2 steps forwards and 3 steps back.

@dimitralex1892 4 ай бұрын

this camera background blur/filter stuff is just annoying... why you even do it? it’s not working probably, just looks awful and unprofessional... i know its not that important, but it really triggers me to that point i cannot concentrate