Bro it ferfect but mor than perfect. please explain bigger size. Your screen resulation so b big.

That's good to hear. It's good that ASP.NET Core has it's own NuGet packages for authentication.

Hi, can you tell us how to add a logout button?

@@chandankarmakar6651 Steps for logging out : 1. Redirect the user to the login page. 2. Clear the saved cookie on logout button clicked.

Have you added your live domain as an "Authorised Redirect URI"?

So you should create a new "Authorised Redirect URI" of {livedomain}/signin-google.

@@RoundTheCode yes i have. I get redirected to aoth page i select my gmail account from the list then i get error 500 and it never hits my controller to receive the login info. Local it works

@@nontin21 And I'm assuming your live domain is on HTTPS? You probably need to get the inner exception of the 500 error to diagnose it further. If you're not sure how to do that in a production environment, you can follow this tutorial that allows you to write errors to a text file: kzbin.info/www/bejne/f2TXnXakaq9spqM

Please provide solution on this, Getting the same 500 error in production

Thanks Ilya.

The HomeController is fixed with the [Authorize] attribute. Therefore any action within that controller requires authentication before being authorised to view the page. The Index page doesn't require it as it has the [AllowAnonymous] attribute assigned to it. Action attributes take more priority than controller attributes. In Startup.cs, we have configured authentication to go through Google. This uses functionality in the Microsoft.AspNetCore.Authentication.Google NuGet package to handle authentication when it's required.

Hi Hao. Not sure to be honest. Never had any experience with Flutter.

Not sure if I follow what you are saying?

@@RoundTheCode The "Internal / External" users choice when managing consent has changed now. The External option wording now mentions that to start with, your app is in "test" mode and will only allow whitelisted test accounts to login until you publish it.

Hi Görkem, The CORS policy is the fix! So it's probably your implementation that isn't quite right. Make sure that the host of your Angular application is inside the CORS middleware in your API. Check out our article for more information. www.roundthecode.com/dotnet/getting-started-with-cors-in-asp-net-core

@@RoundTheCode Ok thank you so much for support. Im gonna check this out

Hi! I'm getting also a CORS issue using react. It seems be on the redirect: Access to XMLHttpRequest at 'accounts.google.com/o/oauth2/v2/auth?etc') from origin 'localhost:8080' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. Do you have any idea what could be?

Good to hear Ranjit.

Thanks for your comment Roberto. I will bare that idea in mind when planning for my next videos.

Good to hear. Also, check out our new code examples page at www.roundthecode.com/code-examples.

So, "/account/google-login" sets a challenge which redirects to the Google Login screen. I'm assuming in the "Microsoft.AspNetCore.Authentication.Google" library, it has a "/signin-google" endpoint set up that looks out for the response from Google. From there, it can authenticate the user, and that allows us to display the claims returned from Google.

@@RoundTheCode thanks, now i understand

Hi Jose, ASP.NET Core in .NET 5 does have the controllers folder when you create an MVC app. See our video on dependency injection which is an ASP.NET Core in .NET 5 MVC app. kzbin.info/www/bejne/e5updmiaZ9F2jJY

With your Google project, you'd have to set up a separate sign in URL for each system I believe.

It won't. The "/signin-google" endpoint is setup within the Microsoft.AspNetCore.Authentication.Google package.

Good to hear Tait.

You can add the GoogleAuthentication plugin into any ASP.NET Core application. The question would be how you would build the login page to challenge Google.

Hi Prabdeep, Couple of things to check. - Have you input the authorized redirect URI (3:32 in the video)? Make sure the host & port number are the same as your application. Also, check it's https as well. - Try a different browser. An ad blocker may be preventing it. - Make sure the client ID & secret are correct in your ASP.NET Core application. The reason for your NullReferenceException is because Google hasn't successfully authenticated the user.

same issue

As mention on our Discord server to you, Identity Server has a lot of stuff to do with roles and permissions. You can use it with ASP.NET Core middleware like Google authentication.

Hi Onur, Make sure that the value in RedirectUri is routing properly. Otherwise, you'll need to share your code in GitHub as it's difficult to understand what's gone wrong.

You could do it in the normal way. Either by using Entity Framework, or ADO. You have the claims in your app, so you can do what you want with them.

@@RoundTheCode Thank you , Is there an instructional video?

Hi Andre, you have added the RedirectUri into your Google Cloud account?

@@RoundTheCode Yes...that appeared to be the issue. 😅 Both Google OAuth and .NET Core are new to me. After I did so everything became clear. Thanks for this awesome tutorial!

@@2k7Bertram Thanks Andre. Glad you got it sorted.

I'd recommend you download the sample for it, then you can see the project for yourself. www.roundthecode.com/asp-net-core-examples/google-authentication-example-mvc-application

@@RoundTheCode I’m the same guy from the server I should delete this

@@RoundTheCode thanks for replying I now have to make work with my database and add what I need to so I can work with what I need for this to add the proper values to my database section

I will have to look into that. But you can probably stick a breakpoint on the "result" variable in AccountController > GoogleResponse, and it's probably buried somewhere in that "result" instance.

@@RoundTheCode i tried it already nothing there. i did it with another method. thanks anyways

Hi Anil, You'll need to share your code as I'm not sure why you are getting that error.

Hi, Its the same code whatever you shared. Between, how do I share my code. Here itself?

@@anilkumarmootha3738 No you will need to create a GitHub repo and push it to that.

Hello Raghav, Please join our Discord server at roundthecode.com/discord, and share your code in a GitHub repository so we can have a look at it in a bit more detail.

You wouldn't have cookie authentication on an ASP.NET Core Web API. Instead, you would use something like OAuth security for that. Checkout our videos on that topic: kzbin.info/www/bejne/rKWwpX-micehe5o

@@RoundTheCode ok thanks

Thanks for your comments.

Hi Dipan, You will need to explain more as to what problem you are having. What error message are you getting? If you wish, join our Discord server at roundthecode.com/discord and chat about it in there.

@@RoundTheCode I'll join for sure, I followed each and every step, there was no error but when I run the app it doesn't show the login page!!

@@RoundTheCode i have just started, so if you could keep your language simple I would be very much thankful

Not sure. Are you able to provide more details? When is this error occuring?

Hey Pranjal, Join us on our Discord server at roundthecode.com/discord. Put your code into a GitHub repo & share the link on our Discord server so we can have a look for you.

It will be similar to Google from an ASP.NET Core point of view. But, you will have to set up an app with Microsoft for the client Id/secret.

@@RoundTheCode Thanks, I was able to implement microsoft login.

Hi Hoàng, Not really too sure what you mean by this. If recommend sharing your code on GitHub. Then, join us on our Discord server at roundthecode.com/discord and share the GitHub repository on there. Thanks.

As mentioned on our Discord server to you, you can sign out using HttpContext.SignOutAsync();

Hi Pejoyable. It's not something we have looked into, but doing a search on Google may help you find your answer.

Thanks Rohail.

Hi Diana. You've created an object, but not created a new instance of it. You need to call the new keyword to create a new instance of it.

My example is using Cookie authentication rather than OAuth authentication. If you want to get the claims principal after google-response, you can call HttpContext.User which is where it's stored.

Yes that is what this video is about.

It's good to get an understanding of how it works and how to configure it.

@@RoundTheCode I see what I wrote makes no sense I was talking about adding the nuget package through nuget vs typing the commands. For a beginner like me I think it would make sense to go through the manager so when I browse and search, it knows what to do with my mistakes if any when typing :)

Thanks for your comment, Sanjay.

Glad it was helpful!

Thanks Matt.

Already done one some years back. kzbin.info/www/bejne/rqvGdaKLhd5rg80

This is more for cookie authentication then using it for an API. You would probably want to focus going down the OAuth route for API authentication. This is where you give a client ID & secret to the client, and it generates an authorisation code & bearer token.

Have you tried HttpContext.SignOutAsync(); ?

You're welcome!

Thanks for your comments.

Thanks Amal.

Thanks for the comment.

Happy to help

My pleasure

That because it is me. Jon Skeet. I just got a mask on 🤣

Thanks Rahul

Good to hear. Thanks for your comments.

Thanks for the comment.

Thanks for your comments

Should I? Ok.

@@RoundTheCode you should take these steps to follow: 1. Context of tutorial 2. Which Technology is being used / gonna implement 3. Show final product / result, in first place 4. Take fresh solution, to take-on 5. Tutorial, should've to cover all surrounding concepts i.e. related in this regards... e.g. #Authentication#Authorization etc. how these are implemented in a real-life example... You have to make series of videos, i.e. specifies particular context in broad-manner... !!! ... People like us, will glad to have this vary RICH contextual based series of Videos...

This is concise and to the point for anyone looking to just get a skeleton code up and running, which is very appreciated. There are 5hr+ long video series out there already covering a lot more, but at that point it's faster to look at the msdn docs with their dotnet core samples.

@@hafizabdulmajidwaseer8658 Instead of saying useless, you can put recommendations. Its a first step NEAT AND SIMPLE video towards oauth. We can respect the authors time.