after searching many days i found good video on jwt token. i have confusion: 1) you added issuer, audience, Key in appsetting.json file. when i build where can i get. can i use randomly? 2) if i did not use one mthod with authorize filter can i access directly without token or authentication/login? 3) why you used postman here. can not use swgger all time? can you please explain?
Hi, welcome to my channel and thanks for the comment. Kindly connect on WhatsApp +91 8826791246 or on Instagram @openprogrammer is my Instagram handle. Keep learning and supporting 👍
I think the reason why Users were added in the parameters would be in order to create the claims object. Typically the claims object holds some identifiers , such as username, those claims would then be baked into the payload section of the token. The implementation would go like something along these lines: private string GenerateToken(User user) { List myClaims = new List { new Claim(ClaimTypes.Name, user.Username) }; var sercurityKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(config["Jwt:Key"]!)); var credentials = new SigningCredentials(sercurityKey, SecurityAlgorithms.HmacSha256); var token = new JwtSecurityToken( config["Jwt:Issuer"], config["Jwt:Audience"], claims: myClaims, expires: DateTime.Now.AddMinutes(15), signingCredentials: credentials); return new JwtSecurityTokenHandler().WriteToken(token); }
Hi, welcome to my channel and thanks for the comment. For any queries, kindly ping me on WhatsApp +91 8826791246 or connect on Instagram @openprogrammer is my Instagram handle. Keep learning and supporting 👍
Hi, welcome to my channel and thanks for the comment. Kindly follow me on Instagram @openprogrammer is my Instagram handle. Keep learning and supporting 👍
Hi, welcome to my channel and thanks for the comment. Kindly connect on WhatsApp +91 8826791246 or on Instagram @openprogrammer is my Instagram handle. Keep learning and supporting 👍
Hi, welcome to my channel and thanks for the comment. Kindly connect and follow on Instagram @openprogrammer is my Instagram handle. Keep learning and supporting 👍
Hi, welcome to my channel and thanks for the comment. Could you connect on Instagram @openprogrammer is my Instagram handle. Keep learning and supporting 👍
Hi, welcome to my channel and thanks for the comment. Kindly connect on WhatsApp +91 8826791246 or on Instagram @openprogrammer is my Instagram handle. Keep learning and supporting 👍
Hi Rahul, welcome to my channel and thanks for the comment. I will try to create the same soon if you are looking for some customized application then kindly connect with me on Instagram @openprogrammer is my Instagram handle. Keep learning and supporting 👍
Hi, welcome to my channel and thanks for the comment. Kindly connect and follow on Instagram @openprogrammer is my Instagram handle. Keep learning and supporting 👍
Hi, welcome to my channel and thanks for the comment. For any queries, kindly ping me on WhatsApp +91 8826791246 or connect on Instagram @openprogrammer is my Instagram handle. Keep learning and supporting 👍
Hi Virendra, welcome to my channel and thanks for the comment. Yes, you are right. Once the token expires then the user has to regenerate the token in order to access the APIs. For any other query kindly follow and connect with me on Instagram @openprogrammer is my Instagram handle. Keep learning and supporting 👍
Hi, welcome to my channel and thanks for the comment. Kindly connect on WhatsApp +91 8826791246 or on Instagram @openprogrammer is my Instagram handle. Keep learning and supporting 👍
JWT tokens generally stored in httponly cookie to make it secure, what you are saying like sharing the user name and password with other users... Think about it
think in real time case, for ex: there is an app which needs user id and password from the user, once user entered those credentials, our api what it will do is it will validate the credentials from database end. If user credentials are existed it will generate token and it will add the token into header and it will pass this client app (UI), once user is authenticated, next time when user wants to access the other controller/api , as in http header will get the token like how he passed the token from postman, in the same way from client app also, we will get the token and it can access the api. And you told that Can i use the other user's token to another user login, How it will workout!!! either you have to sign out or you have to log in from one more client app which is from other device. Please excuse my english grammer mistakes!!😀
@@amritnepal14 both are quite different as per my knowledge, in this video, buddy explained about both the cases 1. Authentication ( when user trying login , api should validate the user credentials and generate a token on successful login. ) 2. Authorization (when user trying to access the api which is decorated with authorize attribute, in this case we are able to access the api by passing the token as authorization. I hope you understood!!!
Hi, welcome to my channel and thanks for the comment. For any queries, kindly ping me on WhatsApp +91 8826791246 or connect on Instagram @openprogrammer is my Instagram handle. Keep learning and supporting 👍
Hi, welcome to my channel and thanks for the comment. Kindly connect on WhatsApp +91 8826791246 or on Instagram @openprogrammer is my Instagram handle. Keep learning and supporting 👍
Hi, welcome to my channel and thanks for the comment. Kindly connect on WhatsApp +91 88267 91246 or on Instagram @openprogrammer is my Instagram handle. Keep learning and supporting 👍.
Hi, welcome to my channel and thanks for the comment. Please connect on WhatsApp on this number +91 9625701241 or message me on my Instagram @manojdeshwal.dev. Keep learning and supporting.
Hi Javed, welcome to my channel and thanks for the comment. Kindly connect on Instagram @openprogrammer is my Instagram handle. Keep learning and supporting 👍
It Showing Error while Installing the package, how can i resolve this Error: Could not install package 'Microsoft.AspNetCore.Authentication.JwtBearer 8.0.0'. You are trying to install this package into a project that targets '.NETFramework,Version=v4.7.2', but the package does not contain any assembly references or content files that are compatible with that framework. For more information, contact the package author.
after searching many days i found good video on jwt token.
i have confusion:
1) you added issuer, audience, Key in appsetting.json file. when i build where can i get. can i use randomly?
2) if i did not use one mthod with authorize filter can i access directly without token or authentication/login?
3) why you used postman here. can not use swgger all time?
can you please explain?
Simple & easy way Thank you Manoj
Most welcome 😊
Finally the best video I got about JWT. Their a lot of confusion before . Thank you a lot
Thanks
Great explanation ❤ Finally I learned how to use auth middleware with JWT Token ✌️👏🏻
Everything is fine but in real time jwt token is generated in one api, and authorization done is another api, how to perform this sir, please reply me
very clear explanation Thanks a lot Manoj!!
HelpFull Vedio Thank you sir
Simple video and explanation. Thanks.
very nice video, and detailed explanation.. superb
Very well explained. Thank you.
all thanksss tooo youuu bhaiayyaa... cannt sayyy it helpeeddd a lotttt .... u r the besttttt
Thank you Bro !!! simple and easy way to understand
Thank You from Tamilnadu
very well explained. Thank you Sir.
Very helpful
Very Simple and Easy.
Thank you 😊
Thank you !!! simple and easy to understand
Hi, welcome to my channel and thanks for the comment.
Kindly connect on WhatsApp +91 8826791246 or on Instagram @openprogrammer is my Instagram handle.
Keep learning and supporting 👍
Very clear 👏🏽🇿🇦 Thanks
You’re welcome 😊
Excellent video. Thanks a lot.
You are welcome!
very good explanation , subscribed! thank u , and pls keep sharing more
Very useful 🙏🙏
v good manooj
Why did you use GenerateToken(Users users) if users is not used in this method?
I think the reason why Users were added in the parameters would be in order to create the claims object. Typically the claims object holds some identifiers , such as username, those claims would then be baked into the payload section of the token.
The implementation would go like something along these lines:
private string GenerateToken(User user)
{
List myClaims = new List
{
new Claim(ClaimTypes.Name, user.Username)
};
var sercurityKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(config["Jwt:Key"]!));
var credentials = new SigningCredentials(sercurityKey, SecurityAlgorithms.HmacSha256);
var token = new JwtSecurityToken(
config["Jwt:Issuer"],
config["Jwt:Audience"],
claims: myClaims,
expires: DateTime.Now.AddMinutes(15),
signingCredentials: credentials);
return new JwtSecurityTokenHandler().WriteToken(token);
}
Why do we need to give same value for issuer and audience?
Thank you so much, sir. This video helps me a lot.
Hi, welcome to my channel and thanks for the comment. For any queries, kindly ping me on WhatsApp +91 8826791246 or connect on Instagram @openprogrammer is my Instagram handle.
Keep learning and supporting 👍
Thankyou so much sir, for making this video. this video more help to me.
Hi, welcome to my channel and thanks for the comment. Kindly follow me on Instagram @openprogrammer is my Instagram handle.
Keep learning and supporting 👍
thank you so much brother god bless you !!!!!!!!!!!!
Thank you, this tutorial helped me lot!
Hi, welcome to my channel and thanks for the comment.
Kindly connect on WhatsApp +91 8826791246 or on Instagram @openprogrammer is my Instagram handle.
Keep learning and supporting 👍
Hi Manoj, token expiration not working. I have put 1 min but after 1 min its not expiring. thanks for this video.
Hi, welcome to my channel and thanks for the comment. Kindly connect and follow on Instagram @openprogrammer is my Instagram handle.
Keep learning and supporting 👍
@@ManojDeshwal ok thanks
Thank you, you are the best ❤❤
Can you demo follow this video using dynamic user with database and using store procedure
Hi, welcome to my channel and thanks for the comment. Could you connect on Instagram @openprogrammer is my Instagram handle.
Keep learning and supporting 👍
What is the difference between Claim and Signature? what does each one reference?
Hi, welcome to my channel and thanks for the comment.
Kindly connect on WhatsApp +91 8826791246 or on Instagram @openprogrammer is my Instagram handle.
Keep learning and supporting 👍
Sir please make this video with entity framework .
Hi Rahul, welcome to my channel and thanks for the comment. I will try to create the same soon if you are looking for some customized application then kindly connect with me on Instagram @openprogrammer is my Instagram handle.
Keep learning and supporting 👍
Am getting 401 error after execute the loginuser
Very useful
great
Thank you
Thanks sir for this
Hi, welcome to my channel and thanks for the comment. Kindly connect and follow on Instagram @openprogrammer is my Instagram handle.
Keep learning and supporting 👍
if i change my username or password then how login
How to do this with db connection
Hi, welcome to my channel and thanks for the comment. For any queries, kindly ping me on WhatsApp +91 8826791246 or connect on Instagram @openprogrammer is my Instagram handle.
Keep learning and supporting 👍
What happens when token gets expired? will user need to re send the credentials?
Hi Virendra, welcome to my channel and thanks for the comment. Yes, you are right. Once the token expires then the user has to regenerate the token in order to access the APIs. For any other query kindly follow and connect with me on Instagram @openprogrammer is my Instagram handle.
Keep learning and supporting 👍
❤
thanks
how we can set up swagger ?
Hi, welcome to my channel and thanks for the comment.
Kindly connect on WhatsApp +91 8826791246 or on Instagram @openprogrammer is my Instagram handle.
Keep learning and supporting 👍
it will come by default !!
What if I create token with one user and use it for another user how to make sure tokern is passed by the user that created it.
?
JWT tokens generally stored in httponly cookie to make it secure, what you are saying like sharing the user name and password with other users...
Think about it
think in real time case, for ex: there is an app which needs user id and password from the user, once user entered those credentials, our api what it will do is it will validate the credentials from database end. If user credentials are existed it will generate token and it will add the token into header and it will pass this client app (UI), once user is authenticated, next time when user wants to access the other controller/api , as in http header will get the token like how he passed the token from postman, in the same way from client app also, we will get the token and it can access the api. And you told that Can i use the other user's token to another user login, How it will workout!!! either you have to sign out or you have to log in from one more client app which is from other device. Please excuse my english grammer mistakes!!😀
@@amritnepal14 both are quite different as per my knowledge, in this video, buddy explained about both the cases 1. Authentication ( when user trying login , api should validate the user credentials and generate a token on successful login. )
2. Authorization (when user trying to access the api which is decorated with authorize attribute, in this case we are able to access the api by passing the token as authorization.
I hope you understood!!!
At 9.18 how to give the website name
Hi, welcome to my channel and thanks for the comment. For any queries, kindly ping me on WhatsApp +91 8826791246 or connect on Instagram @openprogrammer is my Instagram handle.
Keep learning and supporting 👍
Thankyou so much bro,if possible can you provide the github link of this bro
Hi, welcome to my channel and thanks for the comment.
Kindly connect on WhatsApp +91 8826791246 or on Instagram @openprogrammer is my Instagram handle.
Keep learning and supporting 👍
why did you uncheck https
For not getting http error
how to add sql database in this ?
Hi, welcome to my channel and thanks for the comment. Kindly connect on WhatsApp
+91 88267 91246 or on Instagram @openprogrammer
is my Instagram handle.
Keep learning and supporting 👍.
resolved
I need your help
Hi, welcome to my channel and thanks for the comment. Please connect on WhatsApp on this number +91 9625701241 or message me on my Instagram @manojdeshwal.dev.
Keep learning and supporting.
Bhai mujhe aapse paid class Leni hai
Hi Javed, welcome to my channel and thanks for the comment. Kindly connect on Instagram @openprogrammer is my Instagram handle.
Keep learning and supporting 👍
Hi Bro, It's failed to get load swagger in .net 8 "giving internal server error"
It Showing Error while Installing the package, how can i resolve this Error:
Could not install package 'Microsoft.AspNetCore.Authentication.JwtBearer 8.0.0'. You are trying to install this package into a project that targets '.NETFramework,Version=v4.7.2', but the package does not contain any assembly references or content files that are compatible with that framework. For more information, contact the package author.
in that case, you can choose the package of version 6.0.0, It will work!!!
Thanks manoj
How to add sql database in this
Thanks