Giter Club home page Giter Club logo

jwtauthenticationwebapi's Introduction

ASP.NET Core JWT Authentication Web API

This project provides a comprehensive example of implementing JWT (JSON Web Tokens) authentication in an ASP.NET Core Web API, including the use of refresh tokens for maintaining user sessions securely. It's designed to demonstrate best practices for securing web APIs and includes Swagger integration for easy testing and documentation.

Give It a Star! ⭐

If you found this project helpful, give it a star to show appreciation and help other developers discover it

Table of Contents

Getting Started

Prerequisites

What things you need to install the software:

  • .NET 6.0 SDK or later
  • An IDE (Visual Studio, Visual Studio Code, etc.)

Installation

A step-by-step installation guide that tell you how to get a development environment running:

  1. Clone the repo
    git clone https://github.com/ulomaramma/JWTAuthenticationWebAPI.git
    
  2. Restore the .NET packages
    dotnet restore
    
  3. Start the project
    dotnet run
    

About JWT Authentication

JWT (JSON Web Token) is an open standard (RFC 7519) that defines a compact and self-contained way for securely transmitting information between parties as a JSON object. This information can be verified and trusted because it is digitally signed.

In the context of web APIs, JWTs are used to authenticate requests made by clients. When a user logs in with their credentials, the server generates a JWT that encapsulates the user's identity and other relevant attributes. This token is then sent back to the client, which will use it to authenticate subsequent requests to the server. The server will verify the token's validity before fulfilling the request.

Using Refresh Tokens

A refresh token is a special kind of token used to obtain a renewed access token. This is necessary because JWT access tokens are typically set to expire after a short period for security reasons. However, constantly asking users to log in again after their access token expires would not provide a good user experience. This is where refresh tokens come into play.

In this project, alongside the JWT access token, a refresh token is also issued to the client upon login. The refresh token has a longer lifespan and can be used to request new access tokens without requiring the user to re-authenticate with their credentials

Testing with Swagger

This project is configured with Swagger to test the API endpoints easily. To access the Swagger UI, navigate to http://localhost:port/swagger in your web browser after starting the project.

Contributing

Your contributions are welcome! If you'd like to improve the guide, add examples, or correct any mistakes, please feel free to fork the repository and submit a pull request. Any contributions you make are greatly appreciated.

Fork the Project

  1. Create your Feature Branch (git checkout -b feature/AmazingFeature)
  2. Commit your Changes (git commit -m 'Add some AmazingFeature')
  3. Push to the Branch (git push origin feature/AmazingFeature)
  4. Open a Pull Request

jwtauthenticationwebapi's People

Contributors

ulomaramma avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.