Server side of code foundation
Reference to :
-
Jwt
Easily configure jwt authentication by serialize model into claims and back :
builder.Services.ConfigureJwt<IdentityModel>( configure: static jwt => jwt.Secret = "Your secret key", validation: static async (identity,context) => { if (identity.Id < 0) context.Fail("Jwt token invalid"); }, denied: static context => "Your role has no permission", failed: static context => "You are an unauthorized audience" );
when inherit from BaseController, controllers can resolve identity like :
[ApiController] public class IdentityController : BaseController<IdentityController>{ [Autowired] private JwtConfigure<IdentityModel> configure; [HttpPost] [AllowAnonymous] public IActionResult MyToken([FromBody]IdentityModel identity){ return configure.CreateToken(identity); } [HttpGet] [Authorize] public IActionResult WhoAmI(){ return base.Identity<IdentityModel>(); } }
-
Cookie
Cookie authentication seems to be less related to identity model but you still need to provide it :
builder.Services.ConfigureCookie<IdentityModel>( denied: static context => "Your role has no permission", failed: static context => "You are an unauthorized audience" );
[ApiController] public class IdentityController : BaseController<IdentityController>{ [HttpPost] [AllowAnonymous] public async Task<IActionResult> SignInAsync([FromBody]IdentityModel identity){ base.SignInAsync(identity, "User"); return "Successfully login"; } [HttpGet] [Authorize] public async Task<IActionResult> SignOutAsync(){ await SignOutAsync(); return "Successfully logout"; } [HttpGet] [Authorize] public IActionResult WhoAmI(){ return base.Identity<IdentityModel>(); } }