ASP NET Web API logout

Рет қаралды 103,610

Күн бұрын

Пікірлер: 28

@belmiris1371 2 жыл бұрын

I had a weird issue where Chrome kept using a cache of the Login.html page that wrote to the sessionStorage but used the new Data.html that read from the localStorage. Thank goodness for the 'view source' option. A CTRL + F5 solved the issue after I went down several rabbit holes. Thank you for these great videos!

@martenhc 8 жыл бұрын

Hello Venkat, great video as always. I was wondering, why not using cookies to store the token? Does localstorage have any advantage over cookies?

@shivasanika3762 8 жыл бұрын

Hi sir, Would like to clarify some doubts below. 1) How if I want to delete token from the server? 2) or how to modify the validity of token by clicking some button on UI? 3) Where is the actual point (code) of the verification is happening at server side? How the server us validating the token is correct or not and validated or not?

@hitenmaisuriya8212 6 жыл бұрын

yes i want to know this also

@yasirirfan5262 3 жыл бұрын

Did you get your answer? I want the answer of your question.

@belmiris1371 2 жыл бұрын

@@yasirirfan5262 1) I don't think the token is stored on the server. The server just decrypts it and gets the information stored there (user, etc...). 2) The client should never validate the token. The token is handled by the server. 3) He shows in an earlier video that the ApplicationOAuthProvider.cs class handles looking up the user. You can see it in the code.

@ramchandrathakkar2022 8 жыл бұрын

very much informative.

@smf6765 4 жыл бұрын

localStorage doesn't work in Chrome for me.

@Umer171 6 жыл бұрын

What if someone get access-token from over session storage and he can expose our data on fiddler so how can we manually expire over token or forcefully expire ?

@mohdali8246 7 жыл бұрын

Hello Venkat Sir, Are you going to upload recover password in Web Api. Thanks for all your help with .Net videos.

@amsuprith 8 жыл бұрын

Hi Venkat thanks for great tutorials Is user name and passwords are passed as the plain text to server in the demo?. If that is the case is it not easy for a hacker to get hold of them and use for generating the token? . Please advise.

@caidengrant1101 3 жыл бұрын

i guess Im randomly asking but does anyone know a way to get back into an instagram account..? I stupidly lost my login password. I appreciate any help you can offer me.

@vinayakachikodi7082 3 жыл бұрын

Is there way to check accessToken is valid or not. Because, if we are checking whether accessToken is not null, then user can add accessToken with any string value key in local or session storage from inspect mode.

@helriper27hr 6 жыл бұрын

Excellent!

@garys3673 8 жыл бұрын

I really want to know what's the difference between the "bearer" and "basic" authentication, is the "bearer" more secure?? And I hope you could made some more videos about OData on Web API to enrich this video series. Big Thank!!

@ShivamAggarwal22 7 жыл бұрын

With bearer authentication, you don't send a username/password combination with every request. If someone is snooping, they will get only the authentication token which will expire after some time. They can not get permanent access to your account. They can't reset your password either. That's because your previous password is required to set a new Password. Or at least you need something else, other than the temporary authentication token.