Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

JWT Support #1

Draft
wants to merge 4 commits into
base: main
Choose a base branch
from
Draft

JWT Support #1

wants to merge 4 commits into from

Conversation

GrantErickson
Copy link
Collaborator

Don't merge this, just for diffs and comments

meghanmae
meghanmae reviewed Aug 29, 2024
View reviewed changes
IntelliTect.Trivia.Data/Models/AppUser.cs
[Edit(Roles.Admin)]
[Create(SecurityPermissionLevels.DenyAll)]
[Delete(SecurityPermissionLevels.DenyAll)]
public class AppUser: IdentityUser
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Question for Andrew: Does the information on Identity User get exposed to the client via coalesce? (e.g. the password hash?)

Is this the best way to hide it?

    [InternalUse]
    public override string? PasswordHash { get; set; }

Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The answer lies in the generated DTOs, and it is "yes".

And yes.

@ascott18
Copy link

Is the exact goal here to add JWT bearer tokens as the authentication scheme? This could be substantially simpler if opaque bearer tokens or cookies are suitable. https://learn.microsoft.com/en-us/aspnet/core/security/authentication/identity-api-authorization. You could delete the controller, and most of the configuration in Program.cs

In terms of presenting this in the format of the show, I think this is 3 episodes?

  1. Adding swagger. Including adding IntelliTect.Coalesce.Swashbuckle - https://github.com/IntelliTect/Coalesce/blob/dev/playground/Coalesce.Web.Vue3/Program.cs#L63
  2. Adding Identity data models, interacting with them via Coalesce (adding/removing roles from users maybe?)
  3. Adding authentication and authorization (sign in, accessing a role-restricted action)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@meghanmae meghanmae meghanmae left review comments

@ascott18 ascott18 ascott18 left review comments

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@GrantErickson @ascott18 @meghanmae