ASP.NET Core Web API + Entity Framework Core : Basic Authentication Explained

ASP.NET Core Web API + Entity Framework Core : Basic Authentication Explained - EP07

Рет қаралды 55,663

CuriousDrive: Solve Coding Problems & Win Prizes!

Күн бұрын

Пікірлер: 109

@amnesia3490 4 жыл бұрын

Thanks for the tutorails. It really helps to see not outdated tutorails.

@CuriousDrive 4 жыл бұрын

Thanks for watching 😊. Please share with others

@somebodyCEO 3 жыл бұрын

Thank you so much for the time you put into this. It was clear, concise and straight to the point!

@CuriousDrive 3 жыл бұрын

Thanks for a lovely comment Telmo. Please share with your friends too :)

@chintakawijetunga5658 4 жыл бұрын

Beautifully explained. Worked seamlessly. Adding to what you explained, in postman, can use Authorization tab's Basic Auth Type to pass the credentials as well. It automatically converts to Base64 format.. Thanks CuriousDrive!

@CuriousDrive 4 жыл бұрын

Ohh I did not know. I am definitely going to try that. Thanks for sharing the info :)

@peymanx 3 жыл бұрын

@@CuriousDrive Thanks for great job. here is a video talkabout how use 'Authentication' tab instead of 'Header' in postman: kzbin.info/www/bejne/jKraqXyHZ7-LrZY

@exiafarm3865 4 жыл бұрын

Dude Thank you very much.. you deserve a lot of credit ! My API demo will be coming this week and the security part was the one thing i had trouble with Thank you again !

@CuriousDrive 4 жыл бұрын

I am glad this was helpful. Thanks for lovely comment. Please share with your friends too :)

@CAPS_AMERICA 2 жыл бұрын

Thank you for this, waiting to watch the series how to consume different APIs with simple to complex authentications! cheers!

@CuriousDrive 2 жыл бұрын

Hello Jack. Thanks for watching. Can you please list complex authentications? I will add to the list of videos that I plan on making. Thanks.

@CAPS_AMERICA 2 жыл бұрын

@@CuriousDrive Hi bro, those complex authentications are using .net tokens, some of them not using JWT, so basically passing an encrypted string, then uses that string as a bearer token with HTTPClient class, another is OAuth authentication?. Not sure if one of your videos already has it.

@hamouz718 4 жыл бұрын

Best video on the subject, keep them coming.

@CuriousDrive 4 жыл бұрын

Thanks for commenting Hamza, please share with others.

@siddheshmhatre4578 4 жыл бұрын

Thanks a ton brother for this beautiful series. I will wait for more such series from you. Very nice explanation from basics. Thank you brother once again for your efforts.

@CuriousDrive 4 жыл бұрын

I am glad that you liked the series Siddhesh. Let me know if you into any issues.

@talkathiriify 5 жыл бұрын

Excellent as always with best regards Thank you very much Fahad.

@CuriousDrive 5 жыл бұрын

Thanks Tarik, I am getting closer to solve your problem. One more video to go.

@talkathiriify 5 жыл бұрын

@@CuriousDrive You are a great person. Thank you very much.

@lemurza5236 5 жыл бұрын

Thank for this. Loving you videos

@ahmedsaad8919 4 жыл бұрын

Thanks for this helpful tutorials , great series brother. keep going

@CuriousDrive 4 жыл бұрын

Thanks for watching. Please share with your friend :)

@appa7164 2 жыл бұрын

Thanks a lot for great session and whole series❤

@MrJimmaguire 2 жыл бұрын

Outstanding, thanks!

@CuriousDrive 2 жыл бұрын

Thanks for watching Jim. Please share with others.

@CuriousDrive 4 жыл бұрын

Code - github.com/CuriousDrive/BookStores Thanks for watching, please share with your friends :)

@DigitalElectronicSchool 3 жыл бұрын

Thank you very much .. but I can't find BasicAuthenticationHandler.cs in the project

@SparkDude1000 4 жыл бұрын

Hi, thanks a lot for this educative materials, you're doing well! On this EP07, you didn't show how you added the UsersController, Microsoft.Extension.Logging package. This makes it kind of misleading with someone following from EP01. Maybe, I'm missing something or you're assuming the users will decipher it but it's always nice to touch areas like that so that the following users/student doesn't break or lose you along the way. I'll appreciate your swift response to this... Thank you in anticipation - #GreatGuy

@CuriousDrive 4 жыл бұрын

Thanks for the honest feedback Vincent. In the previous videos I explained how you can add controllers and that's why I thought I wasn't necessary to mention that. But other people are asking me to go slowly and explain all the steps. I will keep this in mind. Again thanks for the feedback!!

@baktay 4 жыл бұрын

@@CuriousDrive You lost me there as well.

@oOserkanCakmakOo 5 жыл бұрын

Thank you for sharing useful information

@CuriousDrive 5 жыл бұрын

:) pleas share channel with your friends.

@moumantiok 2 жыл бұрын

thanks for your explanation

@CuriousDrive 2 жыл бұрын

Thanks for watching :)

@ioanabondoc3844 4 жыл бұрын

Hello, I have a question. You usually don't put [Authorize] attribute over the UsersController right? cuz then somebody who acceses a website for the first time would not be able to register right? Correct me if I'm wrong (or anyone who sees this question). Thanks! Again, very great material!

@CuriousDrive 4 жыл бұрын

You are correct Ioana. UserController is mostly open for all the requests. It is used for generating tokens for authenticated user so that they stay authorized for other requests.

@mikedensem 2 жыл бұрын

Just a thought: it may be less confusing if you refer to Base64 as an encoder rather than an encryptor.

@mateusdossantossilva4194 5 жыл бұрын

VERY GOOD, THANKS.

@CuriousDrive 5 жыл бұрын

Thanks for watching.

@mecitsarguzel942 4 жыл бұрын

Very useful. Thank you!

@CuriousDrive 4 жыл бұрын

Thanks for watching mecit

@ajvenable7937 3 жыл бұрын

Very nice video!

@CuriousDrive 3 жыл бұрын

Thanks for watching Aj

@kandinagireddy Жыл бұрын

Tutorial is very good. Are there any new series on .Net 6/7/8/ Web api??

@imran2march 5 жыл бұрын

Excellent video How do i use token base auth2 which stores token and refresh token in database table with client id.

@CuriousDrive 5 жыл бұрын

I haven't personally dealt with auth2 tokens may be that's why I don't completely understand your question. Sorry.

@akshatagupta1041 2 жыл бұрын

thank you so much for ur video

@CuriousDrive 2 жыл бұрын

Thanks for watching Akshata. Please share with others :)

@efraimbasilio 4 жыл бұрын

Lovely thanks, Subscribed!

@CuriousDrive 4 жыл бұрын

Thanks for watching Efraim. Please share with your friends.

@2005bgva 4 жыл бұрын

Fantastic, I learned A LOT. Thanks. Please some reference to see how to do the front end to use this implementation?

@CuriousDrive 4 жыл бұрын

Thanks for watching Byron. Unfortunately, I do not have front end implementation for this. I used JWT for authorizing the API calls as that's what most of the projects use. You can watch that video here - kzbin.info/www/bejne/qJ-VmKNri7N6gas

@_grzehotnik 3 жыл бұрын

Very nice and informative video! Especially that I feel kinda lost surrounded by JWTs, Auth0s, etc. I have a question tho: If I want to login to get the token, would it be sufficient to just send credentials (email, password), check if user exists and then combine those into a base64 string and return it in the response?

@CuriousDrive 3 жыл бұрын

Hello grzehotnik, It's not safe to send username and password in plain text. It's also not safe to pass base64string of username:password all the time. And that's why people use JWT. Please check the next video for that. But it also depends on which project you are working on. If you are just working on a school project then I would not worry too much about it.

@_grzehotnik 3 жыл бұрын

@@CuriousDrive Yeah, I know it's not safe as the whole basic authc is not safe. I just wanna make the most basic setup for a minimalistic web api (learning docker right now and I wanna contenerize the app)

@CuriousDrive 3 жыл бұрын

Nice. Same pinch. I am learning docker too

@benjacordoba 4 жыл бұрын

Thanks so much!!

@CuriousDrive 4 жыл бұрын

Glad it helped!

@peymanx 3 жыл бұрын

Greatjob bro; keeeeeeeeeeeeep going

@CuriousDrive 3 жыл бұрын

Thanks. Please share with your friends :)

@BudiSantoso-er6cq 4 жыл бұрын

i newbie.. thanks for sharing

@CuriousDrive 4 жыл бұрын

Thanks for watching Budi :)

@sethisaacks8683 2 жыл бұрын

Do you have an example of what the controller will pass back to the UI layer if it fails? Does it pass back an ActionResult or AuthenticateResult???

@ayavuyaxokozela6553 3 жыл бұрын

How did you change AuthenticationHeaderValue to be like a hyper link you said its verb or vague something?

@ayavuyaxokozela6553 3 жыл бұрын

Never mind i got it

@CuriousDrive 3 жыл бұрын

I am glad you figured it out :)

@deepakrevidagar4275 2 жыл бұрын

Bro i got stuck in this🥺 in this video at 18:30 at that time when you hold your cursor on the parameter it will show the encrypted value and if you hold the cursor on credentials it will show the actual value but in my case it's showing NULL in both the sides😢 Please help me out .....

@olegsuprun7590 4 жыл бұрын

so are you retrieving a password from db in plain text? Not sure its a good idea

@CuriousDrive 4 жыл бұрын

No I made sure not to send password field in the response. It looks "null" to me

@kintanumari8919 3 жыл бұрын

Wonderfull, i have a questions, how do i consume this API for login?

@CuriousDrive 3 жыл бұрын

Thanks for watching Kintan? Which UI framework are you using? You can add authorization headers using below lines. var requestMessage = new HttpRequestMessage(HttpMethod.Get, requestUri + Id); requestMessage.Headers.Authorization = new System.Net.Http.Headers.AuthenticationHeaderValue("Bearer", "token"); var response = await _httpClient.SendAsync(requestMessage);

@kintanumari8919 3 жыл бұрын

@@CuriousDrive I using .net Core MVC. Thank you for your answer, I'll try this to my project

@namratamulwani4737 2 жыл бұрын

How to save this login info of claim or ticket to keep user sign in like cookie

@CuriousDrive 2 жыл бұрын

Hello Namrata, I made a video about this for Blazor WebAssembly Project. But most of configuration is done on the server so that should work for you. Please check this one out - kzbin.info/www/bejne/aGOTd4SYgrCsqMk Hopefully this is what you were looking for.

@namratamulwani4737 3 жыл бұрын

Can you show role based authentication?

@CuriousDrive 3 жыл бұрын

Hello Namrata - I have covered that in below video. It's for Blazor but you should be able follow in this solution too. kzbin.info/www/bejne/qJyYpnx3a9hobZY

@DigitalElectronicSchool 3 жыл бұрын

Thank you very much .. but I can't find BasicAuthenticationHandler.cs in the project

@CuriousDrive 3 жыл бұрын

BasicAuthenticationHandler.cs is not part of this solution anymore. I did not persist the code for this episode. Sorry about that. Please follow the code from below link. That's where I learned about BasicAuthenticationHandler jasonwatmore.com/post/2019/10/21/aspnet-core-3-basic-authentication-tutorial-with-example-api

@somayehamiri4194 4 жыл бұрын

Hi, I have a problem with this part. Api works but does not show any record in Postman. After Finishing Authentication process, shouldn't it call the GetUsers function? In my code, It stops after finishing AuthenticationHandler ,And doesn't run the GetUser function, is it ok? thank you

@CuriousDrive 4 жыл бұрын

Hello Somayeh, are you passing your username and password in the request? Are you getting any response error? That's the thing about basic authentication. You have to authenticate the user every time you need to get the user information. Have you tried JWT? The video is here - kzbin.info/www/bejne/qJ-VmKNri7N6gas

@somayehamiri4194 4 жыл бұрын

@@CuriousDrive yes I was passing them in the request. and I didn't get any error. It just didn't show the data. I'll try JWT . thanks

@kushalpillay2677 4 жыл бұрын

thanks for the video. wished you had shared the code.

@CuriousDrive 4 жыл бұрын

I wanted to Kushal, but I could not use basic and JWT authentication together. and that's why I had to remove the code. If you are are looking for JWT authorization then that video is here - kzbin.info/www/bejne/qJ-VmKNri7N6gas

@kushalpillay2677 4 жыл бұрын

@@CuriousDrive thanks, I had a look. Subscribed to you as well. Thanks for your hard work. Also, if yu branch out the code thats also a possibility to have one for jet and one for basic. But all good, thanks once again for your help. Clear explanation.

@CuriousDrive 4 жыл бұрын

Aahh I didn't think of that. Next time!!!

@kinax2 4 жыл бұрын

it similar to JWT right ?

@CuriousDrive 4 жыл бұрын

JWT is used for authorization and basic authentication is used for authentication.

@kinax2 4 жыл бұрын

@@CuriousDrive can you do a video how to hash password in asp core ?

@sunilreddy84 Жыл бұрын

where can I find the code for this?

@Lmao-ke9lq 4 жыл бұрын

6:03 where can i find this settings in NOT CORE, just in webapi .net

@CuriousDrive 4 жыл бұрын

Sorry not sure how to do this in just ASP.NET Web API !!

@arshadvp711 3 жыл бұрын

how will authenticate with identity framework and if the password is a hashed one ?

@CuriousDrive 3 жыл бұрын

Hello Arshad, I don't have any experience with Identity Framework. I hope someone who's reading the comments can answer your question. Thanks for watching.