Securing ASP.NET Applications

Опубликовано: 15 Октябрь 2024
на канале: Ervis Trupja

1,439

When it comes to securing ASP.NET applications, or any application in general, authentication and authorization play key roles. Authentication is the process of verifying a user’s identity. It checks if the user credentials are correct or not. Authorization, on the other hand, is the process of verifying a user’s roles.

This video provides an overview of token-based authentication, contrasting it with cookie-based methods. Learn how tokens and refresh tokens function, why token-based systems offer enhanced security with shorter expiration times, and the process of generating new tokens. Perfect for understanding secure data access in web applications.

You will learn:
✅ Authentication vs Authorization
✅ Cookie-based vs Token-based authentication
✅ Adding Identity tables using Entity Framework Core
✅ Configuring JWT in Startup.cs
✅ Setting up Authentication controller
✅ Registering a new user
✅ Generating access and a refresh token
✅ Logging in users
✅ Authenticating and authorizing users
✅ Generating a new access token using a refresh token
✅ Role-based authorization
----------------------------------------------------
Github repositories:
Before: https://github.com/etrupja/securing-a...
After: https://github.com/etrupja/securing-a...
----------------------------------------------------
Timestamps:

00:00:00 Introduction
00:01:12 Authentication vs Authorization
00:03:40 Traditional vs Token-based Authentication
00:13:21 Adding Identity tables with EFCore
00:21:03 Configuring Authentication in Startup.cs
00:32:06 Setting up Authentication Controller
00:36:53 Registering a new user
00:46:36 Generating an access and a refresh token
01:01:38 Logging in an existing user
01:13:09 Get access token using the refresh token
01:40:41 Adding role based authentication
02:01:55 Thank you