Complete and simple authentification implementation in a microservice based infrastructure addable to your project. Containing a simple login & registration system with cryptographic methods and tools for more security. Adding Ocelot as Api gateway and synchronous method for communication between user service and authentification service. Adding all this solution in a docker environnement. Creating persistent connexion through cookies methods.
- AuthService : Managing authentification with tokens and secure cookies + session handler
- OtherService : Containing User model (use this service according to your needs) it contains only one model used to manage user informations and show you the purpose of micro-services and how to use it
- ApiGateway : Acts as a single point of entry for customers who wish to access different services of your application
- JWT authorization and restrictions
- Using claims in requests
- Session creation and keeping sessionId in secured and signed cookie
- JWT stored in secured and signed cookie
- Middlewares verifying JWT & Cookies integrity
- Using cryptography methods to hash cookie values
Cookies are signed with secret keys in appsettings.json
. When passing by Cookie middleware, it generate hash based on cookie value with secret key. hash freshly created is compared with cookie hash and return boolean value if cookie was changed or not.
SessionId is store in secured cookie with same mecanism as above. SessionId is encrypt with AES keys and can be used in API calls just as in isConnected()
method able to return if user is connected.
-
Make sure all .NET tools to use ASP.NET core environnement are installed on your machine
-
Make sure that SQL server is installed on your machine and you have a tool to see & manage DB data (SSMS, DbBeaver etc.)
-
Install globally Entity Framework on your machine with
dotnet tool install --global dotnet-ef
and usedotnet ef --version
-
Make sure that you have docker installed and running on your machine !
-
Clone project on your laptop with
git clone https://github.com/Yekuuun/Asp-Net-Authentification.git
-
Open a new terminal and run Β΄docker-compose -f docker-compose.develop.yml upΒ΄ to install all dependencies and launch docker solution (if you have problems with docker you can remove all your old images and containers with
docker system prune -a
&docker volume prune
)
- AutoMapper
- EntityFrameworkCore
- EntityFrameworkCore.Design
- EntityFrameworkCore.SqlServer
- JWT
- Cookies
- JSON deserializer
- Swashbukle.Filter
-> see it : DEPENDENCIES
-> see it : Youtube video