JWT Authentication API is a .NET Core Web API. It provides endpoints for creating a user and for logging a user in to receive a JSON Web Token (JWT) that can be used in external applications. The generated token carries claims that you can use in your app to authorize the user. The API will also provide endpoints for the administrator.
The application is based on ASP.NET Core Web API 8.0 (.NET 8) and uses Azure SQL as its database. The unit test project is also based on .NET 8. The C# language version is 12.
- JAA-0-SetUpSolutionAndProjects - Set up JWT Authentication API project and JWT Authentication API unit tests project.
- JAA-1-SetUpDatabaseWithUserAndSaltTables - Set up model for user and user password salt.
- JAA-2-ImplementPasswordHashing - Implement password hashing based on salt and pepper.
- JAA-3-ImplementLoggingUsingSerilog - Implement logging using Serilog.
- JAA-4-ImplementRegisterEndpoint - Implement register endpoint.
- JAA-5-ImplementConnectionToPostgreSQL - Implement connection to PostgreSQL.
- JAA-6-UpdateFrameworkToNet8 - Updated .NET version to .NET 8.
- Implement password verifying.
- Implement login endpoint and return access grant.
- Implement class that will create JWT based on secret and claims.
- Implement log in endpoint that returns JWT.
- Implement create admin user endpoint that will authorize if provided JWT is correct.
TODO
- Clone the repository from the main branch.
- Create an appsettings.json file and provide the connection strings (see Configuration).
- Go to the location of the JwtAuthenticationApi project file and open PowerShell.
  A. Type:
      dotnet ef migrations add InitialMigrationForUser --context UserContext
  This creates the initial migration for the user identity database.
  B. Type:
      dotnet ef migrations add InitialMigrationForPasswordSalt --context PasswordSaltContext
  This creates the initial migration for the password salt database.
  C. Type:
      dotnet ef database update --context UserContext
  This command updates your user identity database.
  D. Type:
      dotnet ef database update --context PasswordSaltContext
  This command updates your password salt database.
- In the same location, type:
      dotnet run
  to run the application locally. After this you should see in the console that the application is running. Press CTRL+C to stop the application.
- Any - ver. 9.2.0
- coverlet.collector - ver. 3.2.0
- EmailValidation - ver. 1.0.8
- FluentAssertions - ver. 6.10.0
- Microsoft.EntityFrameworkCore - ver. 8.0.0
- Microsoft.EntityFrameworkCore.Design - ver. 8.0.0
- Microsoft.NET.Test.Sdk - ver. 17.5.0
- NSubstitute - ver. 5.0.0
- NUnit - ver. 3.13.3
- NUnit.Analyzers - ver. 3.6.1
- NUnit3TestAdapter - ver. 4.4.2
- Npgsql.EntityFrameworkCore.PostgreSQL - ver. 8.0.0
- Polly - ver. 7.2.3
- Serilog - ver. 2.12.0
- Serilog.AspNetCore - ver. 6.1.0
- Serilog.Enrichers.Thread - ver. 3.1.0
- Serilog.Sinks.Async - ver. 1.5.0
- Serilog.Sinks.Console - ver. 4.1.0
- Serilog.Sinks.File - ver. 5.0.0
- SerilogWeb.Classic - ver. 5.1.66
- SerilogWeb.Classic.WebApi - ver. 4.0.5
- Swashbuckle.AspNetCore - ver. 6.5.0
- TddXt.Any.Extensibility - ver. 6.7.0
To run the app correctly, you have to provide correct values in the appsettings.json file in the JwtAuthenticationApi project. The JSON file should look like this:
    {
      "Logging": {
        "LogLevel": {
          "Default": "Information",
          "Microsoft.AspNetCore": "Warning"
        }
      },
      "AllowedHosts": "*",
      "DatabaseConnectionStrings": {
        "IdentityDatabaseConnectionString": "Connection string to identity database",
        "SaltDatabaseConnectionString": "Connection string to database that contains salt"
      },
      "PasswordPepper": {
        "Pepper": "Your secret password pepper, It is better to have it as long as possible"
      }
    }
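How the per-user salt (kept in the salt database) and the PasswordPepper value from the configuration above can be combined when hashing and verifying a password. This is an added example, not code from this repository: the class name, the use of HMAC-SHA256 for the pepper, PBKDF2 and the iteration count are all assumptions, since the README only states that hashing is based on salt and pepper.

```csharp
using System;
using System.Security.Cryptography;
using System.Text;

// Added example, not the project's implementation. PBKDF2, the HMAC pepper step
// and every name below are assumptions; the README only says "salt and pepper".
public static class PepperedPasswordHasher
{
    private const int SaltSize = 16;        // bytes, random per user
    private const int HashSize = 32;        // bytes of derived key
    private const int Iterations = 600_000; // assumed PBKDF2-HMAC-SHA256 work factor

    // Returns the salt (for the salt database) and the hash (for the identity database).
    public static (byte[] Salt, byte[] Hash) Hash(string password, string pepper)
    {
        byte[] salt = RandomNumberGenerator.GetBytes(SaltSize);
        return (salt, Derive(password, salt, pepper));
    }

    public static bool Verify(string password, byte[] salt, byte[] expectedHash, string pepper)
    {
        byte[] actual = Derive(password, salt, pepper);
        // Constant-time comparison avoids leaking how many leading bytes matched.
        return CryptographicOperations.FixedTimeEquals(actual, expectedHash);
    }

    private static byte[] Derive(string password, byte[] salt, string pepper)
    {
        // Key the password with the pepper first, so a dump of both databases
        // is not enough to start guessing without the application secret.
        byte[] peppered = HMACSHA256.HashData(
            Encoding.UTF8.GetBytes(pepper), Encoding.UTF8.GetBytes(password));
        return Rfc2898DeriveBytes.Pbkdf2(
            peppered, salt, Iterations, HashAlgorithmName.SHA256, HashSize);
    }
}

public static class Program
{
    public static void Main()
    {
        string pepper = "constructed-sample-pepper"; // would be read from PasswordPepper:Pepper
        var (salt, hash) = PepperedPasswordHasher.Hash("correct horse", pepper);
        Console.WriteLine(PepperedPasswordHasher.Verify("correct horse", salt, hash, pepper));
        Console.WriteLine(PepperedPasswordHasher.Verify("wrong guess", salt, hash, pepper));
        Console.WriteLine(PepperedPasswordHasher.Verify("correct horse", salt, hash, "other-pepper"));
    }
}
```

Because the pepper is part of every stored hash, changing the configured value invalidates all existing password hashes, so it has to be kept out of source control and backed up separately from both databases.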