Get the source code for this video for FREE → the-dotnet-weekly.ck.page/aspnetcore-identity Want to master Clean Architecture? Go here: bit.ly/3PupkOJ Want to unlock Modular Monoliths? Go here: bit.ly/3SXlzSt
@thofalbo
3 ай бұрын
Thank you so much for your videos. Im from Brasil and it really helps me, but I would like to see that approach with a database first. Is there a script to create the tables in the database, so I can map them in the code?
@proveit99
Ай бұрын
Fast, accurate, and understandable. This is a fantastic tutorial video. You are truly a gem among KZitem tutorial creators.
@MilanJovanovicTech
Ай бұрын
Glad it was helpful!
@iliachakarov7285
21 күн бұрын
Yes, well said!
@dotnetbuilds
4 ай бұрын
Milan's videos' value per second is always so high, lol. Absolutely no fluff whatsoever.
@MilanJovanovicTech
4 ай бұрын
Value per second, now that's a nice metric
@aiviskri
Ай бұрын
It's explained really nicely, I like that you don't waste time and get straight to the point. Completely different from the official Microsoft documentation and tutorials, which rely on already generated code or don't have an easy to navigate structure. Thank you!
@MilanJovanovicTech
Ай бұрын
Most welcome!
@jonahl9898
4 ай бұрын
Great video! One thing was missed when discussing adding JWT tokens. If you are going to add both Application Cookies and Jwt Bearers, things are going to get wonky. Using the provided solution, you have to manually specify which scheme you want to use for every request. This code didn't work in Postman using JWT for example and would return a 404. The solution is to change the Authorization setup to the following: builder.Services.AddAuthorization(options => { var policy = new AuthorizationPolicyBuilder(IdentityConstants.ApplicationScheme, IdentityConstants.BearerScheme) .RequireAuthenticatedUser() .Build(); options.DefaultPolicy = policy; }); This means anything tagged with [Authorize] will allow both schemes automatically.
@zfold4702
4 ай бұрын
You can also decorate your class or method with Authorize attribute with Policy name. The framework will use the specified policy for that particular request. This allows using multiple schemes within application.
@MilanJovanovicTech
4 ай бұрын
Awesome, thanks for adding this!
@kangabroo
4 ай бұрын
They are opaque bearer tokens, not JWT.
@dragannikolic568
4 ай бұрын
Thx!!! I did everything by the video and /me details part did not work. You saved me time for checking the stackoverflow on the solution for 2 schemas problem...and Milan recently started to give us non working solutions :) I enjoy doing some things on my own but sometimes it gets really wonky as you said :)
@Add0w
Ай бұрын
Thanks Jonah for this, now I want my all endpoints to be authorized by default so I used " .RequireAuthenticatedUser()" but that caused an issue for me where even the identity endpoints are throwing 401, what is the solution for that issue?
@Mig440
4 ай бұрын
I know that identity is simple enough here but it could be really good to have a video on using oidc external authentication providers and how to configure oidc in dotnet backends together with a frontend application using maybe the bff pattern?😊
@MilanJovanovicTech
4 ай бұрын
I may cover Keycloak soon :)
@arnelirobles
2 ай бұрын
wow. this makes things easier. i use to make the endpoints manually.
@MilanJovanovicTech
2 ай бұрын
Nice
@Alaa_vie
Ай бұрын
Nice as always. You are my fovrite youtuber
@MilanJovanovicTech
Ай бұрын
Thanks a lot! :)
@tayyabshaikh3286
3 ай бұрын
we need more videos like this which covers full end to end steps
@MilanJovanovicTech
3 ай бұрын
Coming up!
@dotnetMasterCSharp
Ай бұрын
This is Awesome and more helpful for Devs; Thank you!
@MilanJovanovicTech
Ай бұрын
You're welcome
@yunusemreteke
4 ай бұрын
Hey I wonder how we use TwoFactorAuthentication in identity with using google or microsoft authenticator app can you make a video for this topic?
@MilanJovanovicTech
4 ай бұрын
Great idea for a future video
@wealthgenerationstrategies
12 күн бұрын
Would love to see this video but greatly expanded for the developer who is still trying to get a handle on the Identity library. Otherwise can you recommend resources to get up to speed, so I could recreate this without being a monkey on the keyboard? Thanks greatly.
@MilanJovanovicTech
12 күн бұрын
Check out Anton's playlist: kzitem.info/news/bejne/pq6HsKCgqZxin44
@DenisioRodrigues
4 ай бұрын
Very good! Thanks for sharing.
@MilanJovanovicTech
4 ай бұрын
Most welcome!
@yuravertsimaga6012
4 ай бұрын
Great, thanks! But can we use JWT here? or just Bearer?
@MilanJovanovicTech
4 ай бұрын
Bearer, it's not a proper JWT. That would have to be implemented separately.
@iliachakarov7285
21 күн бұрын
Fire tutorial!! U the G
@MilanJovanovicTech
21 күн бұрын
Thank you!
@aqorda
4 ай бұрын
System.InvalidOperationException: No authenticationScheme was specified, and there was no DefaultChallengeScheme found. The default schemes can be set using either AddAuthentication(string defaultScheme) or AddAuthentication(Action configureOptions).
First of all great video, Small question say you have another service which you need authorization for how would you use your current service to authenticate it?
@MilanJovanovicTech
Ай бұрын
When you say service you mean a physically separate service?
@mikeutube7888
4 ай бұрын
love it! clear and simple! thanks!
@MilanJovanovicTech
4 ай бұрын
Thanks! :)
@hdjfgt
4 ай бұрын
Why only run migrations on development? How do you apply them in other environments?
@MilanJovanovicTech
4 ай бұрын
Manually, and preferably with SQL scripts. In some projects, I'll use a tool to automate this. One example is RoundhousE
@naberius81
11 күн бұрын
What confuses me, if we are not implementing the registration process but just using the default how would you then use the provided /confirmEmail endpoint, in which step and where should i use 'sendgrid' for example to send a confirmation token to my user. ?
@MilanJovanovicTech
10 күн бұрын
You can send the confirmation yourself, and it'll hit that endpoint. Or you can auto-confirm new users.
@rodrigo-5967
4 ай бұрын
how can I add custom claims on register, is it possible? I wanted to be able to add custom Role authorization in the apis but I haven't found a way so far... Also, disabling the register endpoint would be useful for sure
@10Totti
4 ай бұрын
Is not possible.
@rodrigo-5967
4 ай бұрын
@@10Totti thanks, at least I'm no longer going to spend time finding how to do it
@piotrkowalski3460
4 ай бұрын
@@rodrigo-5967 you can implement your own register endpoint instead of relying on MapIdentityEndpoints
@MilanJovanovicTech
4 ай бұрын
Should be possible through the Claims table in the database. I'd refer to the docs for that part.
@ЛешаКот-г9х
24 күн бұрын
Thank you for video, i want to use it in clean architecture. But i have a question: where should i put creating, updating, deleting users and their roles?
@MilanJovanovicTech
23 күн бұрын
Use cases in the application layer
@ЛешаКот-г9х
23 күн бұрын
@@MilanJovanovicTech Thank you so much!
@maxencemartin6498
Ай бұрын
Hi, thank you for the video. I don't know why they don't add some extra endpoints for managing roles associated with User when registering. What the tips in that case ? Implementing a custom endpoint in order to associate role with a user ?
@MilanJovanovicTech
Ай бұрын
Yep, have to make something custom
@itirush2701
4 ай бұрын
AAAAAAAAAAAAAAAAA thanks thanks. I've been waiting for this video
@MilanJovanovicTech
4 ай бұрын
What would you like to see next?
@itirush2701
4 ай бұрын
@@MilanJovanovicTech Microservices)
@EvekoShadow
4 ай бұрын
This makes met not take for granted how painless msal and entra has become when solving authentication/authorization. Especially when also integrating downstream apis. But then again, not everyone has vendor lock-in to azure.
@MilanJovanovicTech
4 ай бұрын
Auth is such a complex topic. I'm glad we have good abstractions in place.
@doogiehowser1124
Ай бұрын
Thanks for the clear explanation video. But why use Docker? have to install Docker to run the app? it also seems that if you add Docker when creating the WebAPI app it will yield a nearly blank program.cs file.
@MilanJovanovicTech
Ай бұрын
Makes it easier to run the app on different machines
@hknk
4 ай бұрын
Is there a way to disable register endpoint?
@theentein
4 ай бұрын
No. You cant override. But You can redirect it to another page.
@10Totti
4 ай бұрын
Middleware.
@MilanJovanovicTech
4 ай бұрын
It seems no, which is tragic
@WeirdoPlays
8 күн бұрын
We are really Looking forward to have a IdentityServer4 replacement. Is anything there similar to that.
@MilanJovanovicTech
7 күн бұрын
Keycloak? Or pay for a license
@MahmoudSaed98
4 ай бұрын
We want you to explain the Bogus library and an explanation of its use with unit testing using Mock
@MahmoudSaed98
4 ай бұрын
👀👀 millan
@MilanJovanovicTech
4 ай бұрын
Ok, sounds interesting
@chrisauret3785
4 ай бұрын
Which layer would the IdentyUser exist in a Clean Architecture solution? And how would it affect other layers?
@MilanJovanovicTech
4 ай бұрын
Depends, do you want to use the AspNetCoreUsers table only, or also have your own?
@Davide-zx7ig
4 ай бұрын
Very cool video but i just have a doubt. I see you extended IdentityUser and added Initials to the user table, but at the same time it didn't reflect on your register endpoint. Is it just a swagger thing meaning you could pass Initials in the payload?
@MilanJovanovicTech
4 ай бұрын
No, Identity endpoints doesn't pick up the change
@Davide-zx7ig
4 ай бұрын
@@MilanJovanovicTech So what’s the point of using that endpoint if you cannot custom the json body?
@LucaAzalim
2 ай бұрын
@@Davide-zx7ig that's excactly what I am trying to figure out. I have extended the IdentityUser adding custom properties, but I can't send the custom properties to the /register endpoint. It is simply ignored.
@Davide-zx7ig
2 ай бұрын
@@LucaAzalim I had a project that I used Identity. One thing I did and it worked really well was extending IdentityUser and adding my custom properties. At the same time, I had to define my custom controller contract objects. In my service class I just used the UserManager class to perform all user related actions such as saving, changing password, etc
@gibin.francis
4 ай бұрын
In clean architecture landscape, where the User class should be placed
@MilanJovanovicTech
4 ай бұрын
Domain
@gibin.francis
4 ай бұрын
@@MilanJovanovicTech torally agree but as its class we cannot use inside the domain as its referring an interface from identity package, in this way the domain need to reference infrastructure layer. So should it be good idea to use an IUser interface in domain and implementation on infrastructure layer?
@hueseyinguendogan8541
14 күн бұрын
I really like your content :) How can I get the response in 08:27, when I want to use a custom controller method?
@MilanJovanovicTech
14 күн бұрын
You can use the UserManager class
@hueseyinguendogan8541
14 күн бұрын
@@MilanJovanovicTech Thanks for the response, but I cannot generate a token with u UserMsnager. For that I need an extra package..At least according to all information I found in the internet...
@marktoth6334
2 ай бұрын
Why do authorized endpoints return 404 instead of 401 if not logged in and using cookie authentication?
@MilanJovanovicTech
2 ай бұрын
That's strange behavior
@YI-gt7kh
2 ай бұрын
Why am i getting an error when I want to take the user info System.InvalidOperationException: No authenticationScheme was specified, and there was no DefaultChallengeScheme found. The default schemes can be set using either AddAuthentication(string defaultScheme) or AddAuthentication(Action configureOptions).
@MilanJovanovicTech
2 ай бұрын
Specify the scheme in AddAuthentication
@YI-gt7kh
2 ай бұрын
@@MilanJovanovicTech Tanks for help, but I have one more question. How I can extend the "register" endPoint for my User Class? public class User : IdentityUser { public string? UserSurname { get; set; } public string? Address { get; set; } public DateTime DateOfCreation { get; set; } }
@JustCode512
4 ай бұрын
Thank you milan!
@MilanJovanovicTech
4 ай бұрын
You bet!
@ekhlasmridha6659
7 күн бұрын
Is there a way to signup/signin using phone number instead of email, using identity?
@MilanJovanovicTech
7 күн бұрын
Not sure
@hozmannew896
4 ай бұрын
I Notice that Custom Property you Added [Initial] doesn't apply value or any custom property like [FirstName, LastName, ...] , is that normal? and thank you for your great video
@MilanJovanovicTech
4 ай бұрын
It's not included automatically on the register endpoint
@furtiplustion
Ай бұрын
First of all thank you. Second, how can i exclude some functions from the public identityApi, ie, new users are not allowed to be register.
@MilanJovanovicTech
Ай бұрын
Sadly, there isn't an option for that
@mariomandzukic8676
4 ай бұрын
Hello Milan can we add other models to this identity dbcontext? and when we run migration will it change them as well or just users
@MilanJovanovicTech
4 ай бұрын
Yes, but I typically like to keep separate contexts and schemas for Identity and my domain models
@fredchess
3 ай бұрын
hello , I have an error when I'm trying to use a custom User:IdentityUser. The error is "Identity.BearerAndApplication was not authenticated. Failure message: Unprotected token failed". If I use DbContext with simply IdentityDbContext all work. Please can you help?
@MilanJovanovicTech
3 ай бұрын
Not really
@10Totti
4 ай бұрын
Nice tutorial thanks. Too bad it's very limited if we want to do customizations.
@JollyGiant19
4 ай бұрын
Yeah, that’s the worst part of it. It feels limited to POCs and demos
@amrswalha
4 ай бұрын
True, using these out of box authentication in real life can be a challenge if you want to customize anything.
@MilanJovanovicTech
4 ай бұрын
It's not much different than integrating with an external IDP
@phyrokhar
Ай бұрын
is it possible to integrate this with social social auth to assign permissions to users login with google for example
@MilanJovanovicTech
Ай бұрын
I believe it's possible, check this: learn.microsoft.com/en-us/aspnet/core/security/authentication/social/google-logins?view=aspnetcore-8.0
@FrequencyModulator
2 ай бұрын
For example I don't want to allow users to register, is there a way to hide/remove this endpoint?
@MilanJovanovicTech
2 ай бұрын
Not out of the box
@tomekres1021
4 ай бұрын
Can I integrate web api with external authentication service like google or facebook with this library, without blazor identity side or mvc ?
@MilanJovanovicTech
4 ай бұрын
Yes
@326435ha
4 ай бұрын
What do I need to adjust to use int as a key for all the generated classes
@MilanJovanovicTech
3 ай бұрын
I believe it's IdentityUser, but check the docs for the exact syntax
@nguyentrungkien1207
4 ай бұрын
I wonder how can I add this to my project which follows clean architecture and DDD. I has a thought that I can put the ApplicationUser and related terms inside Infrastructure/Identity, include a foreign key from ApplicationUser to my domain user (customer and staff), change the DbContext to IdentityDbContext, add loginservice in Application layer. Is this okay?
@MilanJovanovicTech
4 ай бұрын
Yes, that's an option
@YarnellCrew
3 ай бұрын
Quick Question, I have been working on this for awhile now and I just can't get it to work. We have a SSO using Apereo CAS. Our Admin requires that our web apps make a call to the CAS server and use its login page and then it sends back a ticket for validation. I just can't figure out how to make the call using httpclient so that their page comes up and then get the data back. Have you ever done a video on something like that? I know other SSO like Google or MS are fairly easy because those are built in but I can't seem to get a third party one to work. Any ideas?
@MilanJovanovicTech
3 ай бұрын
Shouldn't this be done from the client side?
@YarnellCrew
3 ай бұрын
@@MilanJovanovicTech There is no client side, this is a pure server side Blazor app.
@YarnellCrew
3 ай бұрын
@@MilanJovanovicTech Sorry what do you mean from the client side?
@raman465
2 ай бұрын
Could you explain why we need IdentityServer4 ?
@MilanJovanovicTech
2 ай бұрын
When did I say we needed it?
@wicho5401
4 ай бұрын
I'd love to see this working with an external account like Google
@MilanJovanovicTech
4 ай бұрын
Ok, that's a great idea for another video
@_aymanmohamed_
Ай бұрын
Can we configure these generated end points
@MilanJovanovicTech
Ай бұрын
Nope :/
@88guernica
4 ай бұрын
Is it necessary to do all this if I am going to use something like OKTA/EntraID?
@MilanJovanovicTech
4 ай бұрын
Nope, you can just configure JWT for example
@md.sayeedrahman2553
20 күн бұрын
Hello I cannot use parse this token in frontend to see user claims.
@MilanJovanovicTech
20 күн бұрын
It's not a JWT
@md.sayeedrahman2553
20 күн бұрын
@@MilanJovanovicTech also it has other problems. It cannot be decoded like a jwt to see user claims. So i wrote custom login endpoint to get jwt token with claims
@segunbabalola7430
3 ай бұрын
Any idea why i am getting the IEmailSender error?
@MilanJovanovicTech
3 ай бұрын
Didn't register it with DI?
@Rahulsapkota
4 ай бұрын
nice content, thanks
@MilanJovanovicTech
4 ай бұрын
You're welcome
@MostaSufa10
4 ай бұрын
Is it possible to configure the generated token or its expires time?
@HedgarBezerra
4 ай бұрын
Yes, it's. as you're adding the Bearer token to service collection, you can pass the configuration after the schema.
@MilanJovanovicTech
4 ай бұрын
Yes
@anonymous5816
26 күн бұрын
Forgot password, very large token received in email, how can we configure it to send may be a 6 digit code.
@MilanJovanovicTech
25 күн бұрын
I'm not sure if that's something that is customizable
@anonymous5816
25 күн бұрын
@@MilanJovanovicTech well that is, AddIdentityCore options=> options.token.PasswordResetTokenProvider = TokenOptions.DefaultPhoneProvider Doing this has given me a 6 digit numeric code when calling usermamager.GeneratePasswordResetTokenAsync But for some reason when i call the identity's forgot password endpoint it emails a 8 digit alpha numeric code If i can somehow set the token provider to ToTpSecurityBasedTokenProvider that might help, but i cannot figure out how to do it yet
@anonymous5816
25 күн бұрын
The password reset for mobile app users has to be a short code, as a standard practice
@anonymous5816
25 күн бұрын
@@MilanJovanovicTechmoreover, i want to customize the content of the emails it is sending for registration or password reset etc, e.g put my required html , company details etc
@ramytawfik9168
4 ай бұрын
Can you please milan make a video about chain of responsability pattern
@MilanJovanovicTech
4 ай бұрын
Already covered it many times - with MediatR pipeline behaviors
@BJazz19
4 ай бұрын
can i authenticate using username instead of email?
@MilanJovanovicTech
4 ай бұрын
I think so, though I'm unsure (from memory) what needs to change in the setup
@Sharondevbd
4 ай бұрын
Thanks ❤
@MilanJovanovicTech
4 ай бұрын
You're welcome 😊
@dzllz
4 ай бұрын
Cookie vs jwt with?
@MilanJovanovicTech
4 ай бұрын
I usually work with JWT
@dzllz
4 ай бұрын
@@MilanJovanovicTech cool, do you have videos about refreshing tokens using jwts?
@yari_la
Ай бұрын
А как использовать JWT?
@MilanJovanovicTech
Ай бұрын
Check out Microsoft.AspNetCore.Authentication.JwtBearer
@denissorn
4 ай бұрын
An idea for a video, series of videos, course whatever (I could also be blabbering nonsense, because I'm not even sure it's possible.). Functional (Can be simple but not nonsense only suitable for a demo.) .Net API that can be AOT compiled. Maybe it's too early for that.
@MilanJovanovicTech
4 ай бұрын
Ok, sounds interesting 👌
@VikasSoam-uh1dl
4 ай бұрын
in my code give this error initials column
@MilanJovanovicTech
4 ай бұрын
Did you run the migration?
@sebastianszafran5221
3 ай бұрын
What if I wanted to configure all of it inside of Infrastructure project (is it even a correct approach)? AddApiEndpoints method is missing, it comes from Microsoft.AspNetCore.Identity assembly. Another concern is, what to do with custom User entity, it surely cannot be declared within Domain as it needs dependency on Identity... Should it belong to Infrastructure? There are a few unknowns. PS. It would be lovely to have some more in depth video about this new .NET 8 authentication approach. Or perhaps could you include it into your Clean Architecture course? Thank you in advance!
@MilanJovanovicTech
3 ай бұрын
I will try to cover these questions in a future video
@sebastianszafran5221
3 ай бұрын
@@MilanJovanovicTech Thank you! Forgot to add that I really appreciate your videos!
@oogway_hussein
2 ай бұрын
its not beginner friendly
@MilanJovanovicTech
2 ай бұрын
Refer to the MSFT docs then
@muhdinmussema5854
4 ай бұрын
But extending custom class not possible! probably .net 9 will fix that!
@MilanJovanovicTech
4 ай бұрын
Any issues about that you're tracking, perhaps?
@PremiumAsh-jd3qd
4 ай бұрын
Thanks for this video I implemented same earlier but I faced a challange that when I am creating custom user class like as you added with initials I added firstname lastname string properties but I was unable to add those in registration because they were not reflecting so I had to make changes and made custom methods which overrides current identify flow
@10Totti
4 ай бұрын
is not possible.
@MilanJovanovicTech
4 ай бұрын
Sadly, you'll have to manage that on your own :/
@yohm31
4 ай бұрын
Nice but unfortunately you tight everything to EF and a database :( Can you explain a more simple way, when database , and especially EF is not wanted, because , you know, EF is not law ;)
@MilanJovanovicTech
4 ай бұрын
Why not use an external IDP then?
@yohm31
4 ай бұрын
@@MilanJovanovicTech why not. Which one do you recommend?
Пікірлер: 176