Code maze is one of the best resources available for learning C# and other technologies (especially C#). The effort they have made is very appreciable.. One thing i want to ask code maze team is to do a short article or blog on how they learn programming concepts and how they approach a particular problem while building application. Thank you so much. :D
Generating JWT token and protecting our api resources looks simple and powerful. But I have a query why we need Identity server to do the same job? Does Identity/duende server handles any additional security related stuff?
The main reason for Duende/IS4 is because they can handle multiple APIs for example as a single token resource. On the other hand, with this JWT implementation, you have to implement it for each API separately. Duende is an external token provider, thus it is possible to protect multiple apps with it. You just have to register different clients/apis inside the Duende's configuration.
If you mean how to extract the claims on the API side once the request hits the action, you can use the User object: var claims = User.Claims.Select(c => $"{c.Type}: {c.Value}").ToList();
Of course you can use the database instead of hardcoding the user credentials. There are a lot of articles on our site to help you with that. For example, you can check all three articles from this series. We already linked this one in the description. From that one, you can follow all the other ones. The last one related to refresh token logic, has the user credentials moved to db.
Thanks for yet another useful series. Really looking forward to the next episode. Just wondering instead of storing the JWT on local storage can you store it in session storage? I assume local storage is not secure and preferably session storage will be preferred?
You can do that quite easily. But we didn't yet come to that part :D :D But as I said, you can do that by using the sessionStorage object in Angular. All the other functionality is the same because it uses the methods with same names as the localStorage. Just pay attention that once the user closes the tab, the jwt will be lost from the session storage.
Hi, I tried implementing this using your book as guide. I use MySQL as the database and when I try adding a User with a Role, I got an exception error: Cannot add or update a child row: a foreign key constraint fails (`companyemployee`.`aspnetuserroles`, CONSTRAINT `FK_AspNetUserRoles_AspNetUsers_UserId` FOREIGN KEY (`UserId`) REFERENCES `aspnetusers` (`Id`) ON DELETE CASCADE). I hope you can help me with this.
Hello Carl. Well, it looks as if you are trying to insert a row in the AspUserRoles table with values that don't match the parent table AspNetUsers or AspNetRoles. Maybe this will help you: stackoverflow.com/questions/21659691/error-1452-cannot-add-or-update-a-child-row-a-foreign-key-constraint-fails
Hi sir that's a very good tutorial, firstly thankyou for this. I have one request to make can you make a project like shopping cart or ecommerce type using angular , sql/mysql and asp.net core. It is usually used in small projects and that will help many of the audience too. thankyou
After the token is generated in postman i copied it and used it under Bearer token in the postman authorization tab in customer endpoint data but i still get 401 i don't know why,
You can always navigate to our article, it is linked in the description section, and then download the source code. Then you can compare with yours to see what is different.
Well, I've mentioned in the video that you can find the source code in the article linked in the description section. This is the link to the article: code-maze.com/authentication-aspnetcore-jwt-1/. There, you will find the source code link
I really don't know. I need more info about the error. My suggestion is to download our source code and compare it to yours. You will find the difference for sure.
actually in output you are displaying[in your 2nd part of vedio ] the customers using get method right ,using 'localhost:64622/api/customer/Get' like this we will be getting , but it is telling some error
![แฉกลโกงงานวัด 2024 [ โกงมั้ยครับ ep.106 ] | DOM](http://i.ytimg.com/vi/taC5dpP3HXA/mqdefault.jpg)
![ILLSLICK X YOUNGOHM - We're The same [Official Video]](http://i.ytimg.com/vi/yUJNkobYR0E/mqdefault.jpg)
Thank you all for watching and for your support.
►► If you want to check out all our courses you can do that here: courses.code-maze.com/courses/
Code maze is one of the best resources available for learning C# and other technologies (especially C#). The effort they have made is very appreciable.. One thing i want to ask code maze team is to do a short article or blog on how they learn programming concepts and how they approach a particular problem while building application. Thank you so much. :D
Thanks Niraj for the support. It is an interesting suggestion, we will see what we can do about it.
One of my favorite and all time helping sites, keep it up dude :-)
Thanks, will do!
Awesome tutorial. Learned how to implement JWT Authentication. The explanation is very clear. Thanks for sharing your knowledge.
Glad it was helpful!
great explanation, easy to follow you step by step and understand. Many thanks!
Glad it was helpful!
Great explanation!🔥
Glad you think so! Thanks for watching the video.
Great and simple tutorial ever. Thanks for sharing
Thank you! We'll try to keep it up.
I supposed I know authentication but after the video I know more and more , thanks very much for these videos and waiting the rest of the series.
Thank you for supporting us.
Works perfect! Thanks!
You're welcome! I'm glad this still works even though the video is a bit older one.
Great work! Thanks!
Our pleasure! Glad you like it.
Hi, I am looking for authentication and authorization in a .net core microservice architecture. Do you have any video related to that ?
Hi, not yet, maybe in the future.
Very good vidéo !
Thank you. I'm glad you like it.
Really helpful your videos. Please upload the identity server 4 videos
Thank you. We will. But until we do, you can read more about that topic on our blog code-maze.com/identityserver-4-series/
@@CodeMaze Great Thans
Short and sweet
Thank you.
thanks for this excellent work.
Glad it helps!
What would I do without these step by step videos. Hmmm....... Probably find a different job.
:D :D :D
Generating JWT token and protecting our api resources looks simple and powerful. But I have a query why we need Identity server to do the same job? Does Identity/duende server handles any additional security related stuff?
The main reason for Duende/IS4 is because they can handle multiple APIs for example as a single token resource. On the other hand, with this JWT implementation, you have to implement it for each API separately. Duende is an external token provider, thus it is possible to protect multiple apps with it. You just have to register different clients/apis inside the Duende's configuration.
@@CodeMaze that's great and I'm super excited about this. Thank you !!!
Hi Thanks for amazing video. Could you please explain how we can read or parse the token back from angular app request
If you mean how to extract the claims on the API side once the request hits the action, you can use the User object:
var claims = User.Claims.Select(c => $"{c.Type}: {c.Value}").ToList();
@@CodeMaze Thanks for your quick response
can i check what is the code i need to make to the database instead of using the hardcoded code
Of course you can use the database instead of hardcoding the user credentials. There are a lot of articles on our site to help you with that. For example, you can check all three articles from this series. We already linked this one in the description. From that one, you can follow all the other ones. The last one related to refresh token logic, has the user credentials moved to db.
Excellent
Thanks
Waiting for part 2
Will be published soon. Thank you.
@@CodeMaze wwwwwwywwwwwwwwwwwwwww
Wwwwwwwwwwwwwwwwwwwwwwwwwwwwww
Wwwwwwwwwwwwwwwwwwwwwwwwww
Wwwwwwwwww ww
Sade ve net olmuş teşekkürler
Well, I had to get it translated but, thanks a lot. We are glad it was helpful to you.
@@CodeMaze It's simple and clear, thank you. Often shown in complex structures and this can be confusing.
Thanks for yet another useful series. Really looking forward to the next episode. Just wondering instead of storing the JWT on local storage can you store it in session storage? I assume local storage is not secure and preferably session storage will be preferred?
You can do that quite easily. But we didn't yet come to that part :D :D But as I said, you can do that by using the sessionStorage object in Angular. All the other functionality is the same because it uses the methods with same names as the localStorage. Just pay attention that once the user closes the tab, the jwt will be lost from the session storage.
@@CodeMaze I think when the browser is closed not just the tab
Thank you...
You're welcome!
Hi, I tried implementing this using your book as guide. I use MySQL as the database and when I try adding a User with a Role, I got an exception error: Cannot add or update a child row: a foreign key constraint fails (`companyemployee`.`aspnetuserroles`, CONSTRAINT `FK_AspNetUserRoles_AspNetUsers_UserId` FOREIGN KEY (`UserId`) REFERENCES `aspnetusers` (`Id`) ON DELETE CASCADE). I hope you can help me with this.
Hello Carl. Well, it looks as if you are trying to insert a row in the AspUserRoles table with values that don't match the parent table AspNetUsers or AspNetRoles. Maybe this will help you: stackoverflow.com/questions/21659691/error-1452-cannot-add-or-update-a-child-row-a-foreign-key-constraint-fails
@@CodeMaze Thank you I found the error.
Thanks
Welcome
Hi sir that's a very good tutorial, firstly thankyou for this. I have one request to make can you make a project like shopping cart or ecommerce type using angular , sql/mysql and asp.net core. It is usually used in small projects and that will help many of the audience too.
thankyou
Thanks a lot. We will give our best, just right now, we are in the middle of the Blazor WebAssembly video course.
@@CodeMaze okay sir :)
After the token is generated in postman i copied it and used it under Bearer token in the postman authorization tab in customer endpoint data but i still get 401 i don't know why,
You can always navigate to our article, it is linked in the description section, and then download the source code. Then you can compare with yours to see what is different.
Just in time
It is always right time for security :D
Can u send me the source code link
Well, I've mentioned in the video that you can find the source code in the article linked in the description section. This is the link to the article: code-maze.com/authentication-aspnetcore-jwt-1/. There, you will find the source code link
authorize is not working why
I really don't know. I need more info about the error. My suggestion is to download our source code and compare it to yours. You will find the difference for sure.
actually in output you are displaying[in your 2nd part of vedio
] the customers using get method right ,using 'localhost:64622/api/customer/Get' like this we will be getting , but it is telling some error
Well, the localhost:64622/api/customer/Get URI is a bad one. You should use it without the final Get part: localhost:64622/api/customers
@@CodeMaze yes i have changed that one , now it is telling unauthorized 401 error in console , even if that role is same
Maybe the token is not good, that's why I suggested to compare your code with our source code.
i am implementing token based and role based, but it is giving 401 error of unauthorized , i have not implemented @auth0/angular-jwt