
matthewblott / Simple_aspnet_auth

Simple ASP.NET Authorisation boilerplate project. No EF, no database, no IdentityServer4 just a basic logging in system for both cookies and JWT and a controller with a set of examples.


simple_aspnet_auth

Simple ASP.NET Authorisation boilerplate project. No EF, no database, no IdentityServer4, no session storage, just a basic logging in system for both cookies and JWT with a couple of authorisation policies and a controller with a set of examples.

Getting Started

To get up and running just cd to the root where the .csproj file resides and run the following commands.

cd examples/cookies+api
dotnet run

Examples

The app simulates a basic group-based admin system. There are three groups users can be members of: users, superusers and admins. All users are members of the users group, but not all are members of superusers and/or admins. Parts of the app use the Authorize attribute with policy-based access to restrict access.

There are a series of logins to test out. The home page has a table of the available users and passwords and indicates if a user is a member of superusers and / or admins.

You can then run the series of tests below and see which sections you are able to view dependent upon login. All the tests make calls to the ExampleController class.

Cookies

Browse to http://localhost/auth and if you are logged in under any user you should see the following.

Only authenticated cookie based requests from superusers receive this message.

Browse to http://localhost/superuser and if you are logged in under a user in either superusers or admins you should see the following.

Only authenticated cookie based requests from superusers receive this message.

Browse to http://localhost/admin and if you are logged in under a user in admins you should see the following.

Only authenticated cookie based requests from admins receive this message.

JWT

The first command gets a token which will be needed for subsequent requests. In the example below the user admin with the password password is used but there are other logins to test which will give different results.

curl -X POST http://localhost:5000/api/login -H "Content-Type: application/x-www-form-urlencoded" -d "Name=admin&Password=password"

The above command should result in something similar to the following (obviously the token value will be different).


{  
   "token":"eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiJhZG1pbkBkb21haW4iLCJqdGkiOiJkNGM5MDE0Zi0zOGYxLTQ3NTItODU3YS03ZTc0YzU0MjY3ZDciLCJodHRwOi8vc2NoZW1hcy54bWxzb2FwLm9yZy93cy8yMDA1LzA1L2lkZW50aXR5L2NsYWltcy9uYW1lIjoiYWRtaW4iLCJhZG1pbnMiOiIxIiwic3VwZXJ1c2VycyI6IjIiLCJ1c2VycyI6IjMiLCJleHAiOjE1MDQzODk0NTEsImlzcyI6Imh0dHA6Ly9sb2NhbGhvc3Q6NTAwMC9hcGkvIiwiYXVkIjoiaHR0cDovL2xvY2FsaG9zdDo1MDAwL2FwaS8ifQ.gFnf39Vj16vEmcI1HdwPajH6sRHusxtjZ2eh0Xc1cJs"
}

The token value is then used with subsequent requests. For the examples below replace TOKEN_VALUE with whatever value is obtained from the step above.

curl http://localhost:5000/api/auth -H "Authorization: Bearer TOKEN_VALUE"

No matter what user your token is for you should see the following.

Only authenticated token based requests receive this message.

The following test will work for users in either superusers or admins.

curl http://localhost:5000/api/superuser -H "Authorization: Bearer TOKEN_VALUE"

The above command should produce the following.

Only authenticated token based requests from superusers receive this message.

The following test will work for users in admins.

curl http://localhost:5000/api/admin -H "Authorization: Bearer TOKEN_VALUE"

The above command should produce the following.

Only authenticated token based requests from admins receive this message.

The following example illustrates manipulating the JWT; the code is in the TokenInfo method of the ExampleController class.

curl http://localhost:5000/api/tokeninfo -H "Authorization: Bearer TOKEN_VALUE"

Any authenticated user should be presented with something similar to the following.


{  
   "token":{  
      "actor":null,
      "audiences":[  
         "http://localhost:5000/api/"
      ],
      "claims":[  
         {  
            "issuer":"http://localhost:5000/api/",
            "originalIssuer":"http://localhost:5000/api/",
            "properties":{  

            },
            "subject":null,
            "type":"sub",
            "value":"admin@domain",
            "valueType":"http://www.w3.org/2001/XMLSchema#string"
         },
         {  
            "issuer":"http://localhost:5000/api/",
            "originalIssuer":"http://localhost:5000/api/",
            "properties":{  

            },
            "subject":null,
            "type":"jti",
            "value":"f85815ae-69c4-4fec-8553-bc1199e3cdce",
            "valueType":"http://www.w3.org/2001/XMLSchema#string"
         },
         {  
            "issuer":"http://localhost:5000/api/",
            "originalIssuer":"http://localhost:5000/api/",
            "properties":{  

            },
            "subject":null,
            "type":"http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name",
            "value":"admin",
            "valueType":"http://www.w3.org/2001/XMLSchema#string"
         },
         {  
            "issuer":"http://localhost:5000/api/",
            "originalIssuer":"http://localhost:5000/api/",
            "properties":{  

            },
            "subject":null,
            "type":"admins",
            "value":"1",
            "valueType":"http://www.w3.org/2001/XMLSchema#string"
         },
         {  
            "issuer":"http://localhost:5000/api/",
            "originalIssuer":"http://localhost:5000/api/",
            "properties":{  

            },
            "subject":null,
            "type":"superusers",
            "value":"2",
            "valueType":"http://www.w3.org/2001/XMLSchema#string"
         },
         {  
            "issuer":"http://localhost:5000/api/",
            "originalIssuer":"http://localhost:5000/api/",
            "properties":{  

            },
            "subject":null,
            "type":"users",
            "value":"3",
            "valueType":"http://www.w3.org/2001/XMLSchema#string"
         },
         {  
            "issuer":"http://localhost:5000/api/",
            "originalIssuer":"http://localhost:5000/api/",
            "properties":{  

            },
            "subject":null,
            "type":"exp",
            "value":"1504392381",
            "valueType":"http://www.w3.org/2001/XMLSchema#integer"
         },
         {  
            "issuer":"http://localhost:5000/api/",
            "originalIssuer":"http://localhost:5000/api/",
            "properties":{  

            },
            "subject":null,
            "type":"iss",
            "value":"http://localhost:5000/api/",
            "valueType":"http://www.w3.org/2001/XMLSchema#string"
         },
         {  
            "issuer":"http://localhost:5000/api/",
            "originalIssuer":"http://localhost:5000/api/",
            "properties":{  

            },
            "subject":null,
            "type":"aud",
            "value":"http://localhost:5000/api/",
            "valueType":"http://www.w3.org/2001/XMLSchema#string"
         }
      ],
      "encodedHeader":"eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9",
      "encodedPayload":"eyJzdWIiOiJhZG1pbkBkb21haW4iLCJqdGkiOiJmODU4MTVhZS02OWM0LTRmZWMtODU1My1iYzExOTllM2NkY2UiLCJodHRwOi8vc2NoZW1hcy54bWxzb2FwLm9yZy93cy8yMDA1LzA1L2lkZW50aXR5L2NsYWltcy9uYW1lIjoiYWRtaW4iLCJhZG1pbnMiOiIxIiwic3VwZXJ1c2VycyI6IjIiLCJ1c2VycyI6IjMiLCJleHAiOjE1MDQzOTIzODEsImlzcyI6Imh0dHA6Ly9sb2NhbGhvc3Q6NTAwMC9hcGkvIiwiYXVkIjoiaHR0cDovL2xvY2FsaG9zdDo1MDAwL2FwaS8ifQ",
      "header":{  
         "alg":"HS256",
         "typ":"JWT"
      },
      "id":"f85815ae-69c4-4fec-8553-bc1199e3cdce",
      "issuer":"http://localhost:5000/api/",
      "payload":{  
         "sub":"admin@domain",
         "jti":"f85815ae-69c4-4fec-8553-bc1199e3cdce",
         "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name":"admin",
         "admins":"1",
         "superusers":"2",
         "users":"3",
         "exp":1504392381,
         "iss":"http://localhost:5000/api/",
         "aud":"http://localhost:5000/api/"
      },
      "innerToken":null,
      "rawAuthenticationTag":null,
      "rawCiphertext":null,
      "rawData":"eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiJhZG1pbkBkb21haW4iLCJqdGkiOiJmODU4MTVhZS02OWM0LTRmZWMtODU1My1iYzExOTllM2NkY2UiLCJodHRwOi8vc2NoZW1hcy54bWxzb2FwLm9yZy93cy8yMDA1LzA1L2lkZW50aXR5L2NsYWltcy9uYW1lIjoiYWRtaW4iLCJhZG1pbnMiOiIxIiwic3VwZXJ1c2VycyI6IjIiLCJ1c2VycyI6IjMiLCJleHAiOjE1MDQzOTIzODEsImlzcyI6Imh0dHA6Ly9sb2NhbGhvc3Q6NTAwMC9hcGkvIiwiYXVkIjoiaHR0cDovL2xvY2FsaG9zdDo1MDAwL2FwaS8ifQ.AXpvgAE3ZFN8EnRVSkLUt0iCaFTySFnMTfSx_kWYFDk",
      "rawEncryptedKey":null,
      "rawInitializationVector":null,
      "rawHeader":"eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9",
      "rawPayload":"eyJzdWIiOiJhZG1pbkBkb21haW4iLCJqdGkiOiJmODU4MTVhZS02OWM0LTRmZWMtODU1My1iYzExOTllM2NkY2UiLCJodHRwOi8vc2NoZW1hcy54bWxzb2FwLm9yZy93cy8yMDA1LzA1L2lkZW50aXR5L2NsYWltcy9uYW1lIjoiYWRtaW4iLCJhZG1pbnMiOiIxIiwic3VwZXJ1c2VycyI6IjIiLCJ1c2VycyI6IjMiLCJleHAiOjE1MDQzOTIzODEsImlzcyI6Imh0dHA6Ly9sb2NhbGhvc3Q6NTAwMC9hcGkvIiwiYXVkIjoiaHR0cDovL2xvY2FsaG9zdDo1MDAwL2FwaS8ifQ",
      "rawSignature":"AXpvgAE3ZFN8EnRVSkLUt0iCaFTySFnMTfSx_kWYFDk",
      "securityKey":null,
      "signatureAlgorithm":"HS256",
      "signingCredentials":null,
      "encryptingCredentials":null,
      "signingKey":null,
      "subject":"admin@domain",
      "validFrom":"0001-01-01T00:00:00",
      "validTo":"2017-09-02T22:46:21Z"
   }
}

Cookies and JWT

The address http://localhost/auth is available for both cookie and JWT based logins and the user should see the following message after execution.

Only authenticated requests receive this message.
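
One way the access rules described in this README could be configured in ASP.NET Core, as an added example that is not the project's own code. It shows the token checks (signature, issuer, audience, lifetime, pinned algorithm) that make the group claims trustworthy, and policies keyed on those claims. The claim names, issuer, audience and HS256 come from the sample token above; the policy names, the `Jwt:Key` setting name and the .NET 6+ minimal hosting style are assumptions.

```csharp
// Added example, not the project's code. Assumes .NET 6+ (implicit usings) and the
// Microsoft.AspNetCore.Authentication.JwtBearer package.
using System.Text;
using Microsoft.AspNetCore.Authentication.Cookies;
using Microsoft.AspNetCore.Authentication.JwtBearer;
using Microsoft.IdentityModel.Tokens;

var builder = WebApplication.CreateBuilder(args);
const string Cookie = CookieAuthenticationDefaults.AuthenticationScheme;
const string Bearer = JwtBearerDefaults.AuthenticationScheme;
const string Issuer = "http://localhost:5000/api/"; // iss and aud in the README's sample token
// "Jwt:Key" is a hypothetical setting name; HS256 needs a secret of at least 32 bytes.
var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(builder.Configuration["Jwt:Key"]!));

builder.Services.AddAuthentication(Cookie)
    .AddCookie()
    .AddJwtBearer(o => o.TokenValidationParameters = new TokenValidationParameters
    {
        ValidateIssuer = true, ValidIssuer = Issuer,
        ValidateAudience = true, ValidAudience = Issuer,
        ValidateLifetime = true, ClockSkew = TimeSpan.FromSeconds(30),
        ValidateIssuerSigningKey = true, IssuerSigningKey = key,
        ValidAlgorithms = new[] { SecurityAlgorithms.HmacSha256 } // accept only the README's HS256
    });

builder.Services.AddAuthorization(o =>
{
    // Group membership is a claim named after the group; admins also pass the superuser check.
    o.AddPolicy("ApiSuperusers", p => p.AddAuthenticationSchemes(Bearer)
        .RequireAssertion(c => c.User.HasClaim(x => x.Type is "superusers" or "admins")));
    o.AddPolicy("ApiAdmins", p => p.AddAuthenticationSchemes(Bearer).RequireClaim("admins"));
    o.AddPolicy("AnyScheme", p => p.AddAuthenticationSchemes(Cookie, Bearer)
        .RequireAuthenticatedUser());
});

var app = builder.Build();
app.UseAuthentication();
app.UseAuthorization();
app.MapGet("/api/superuser", () => "Only authenticated token based requests from superusers receive this message.")
    .RequireAuthorization("ApiSuperusers");
app.MapGet("/api/admin", () => "Only authenticated token based requests from admins receive this message.")
    .RequireAuthorization("ApiAdmins");
app.MapGet("/auth", () => "Only authenticated requests receive this message.")
    .RequireAuthorization("AnyScheme");
app.Run();
```

The tokeninfo output above is readable without the signing key because a JWT payload is only base64url-encoded; the group claims can be trusted only after the signature and the iss, aud and exp checks configured here have passed.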