If you have these timestamps in the description starting from 00:00, youtube will segment out your video automatically for you. It's usually more easier for your viewers to see the segments in the built-in media player rather than looking up for comments to find the timestamps. You just need to edit your description and add 00:00 - Intro to your timestamp list.
@@RawCoding You still can edit your description to have 00:00 - Intro at the first line of the list. It would still work regardless of when your video was out.
Been developing in .net for the last 2 years and so much of what you talk about in this series was almost a black box to me (and I think a lot of other developers). Videos like these are so valuable. Heading to Patreon now. Thank you.
Authentication and Authorization user to be a scary concept to me, but not anymore thanks to you buddy :D you're a GOAT! I didn't get what was the purpose of the Rank field yet tho.
Thanks for awesome series. I'm learning more things from you. But I have a question. After the adding CookieJarAuthorizationHandler into the service scope. How do i know this _authorizationService.AuthorizeAsync using this CookieJarAuthorizationHandler in the controller action method. Thanks in advanced.
I had to do the samething with DynamicPolicy in .net core 2.2. And i implemented the permission based authorization by that way. Which role has access to which permission? That info stored on my database. Great serie by the way, well explained and pretty enogh deep dived. Thanks...
27:43 Should there be more code in the CookieJarAuthrizationHandler to handle what type of CookieJar resource it is? Or whats the point, its just going to authorize any cookie jar right?
So, if I understand correctly, ResourceBasedHandler lets me authenticate User based on model that is provied in HttpRequest? Let's say we have an Order.cs tlike this: class Order { String name; ApplicationUser Owner; String OwnerID; } Obviously, when sending an HttpPut request to update an Order I require the user sending the request to be the owner of the Order (so basically User.Id == Order.OwnedID). If not, return 403. Wouldn't it just be easier to check current user's id and the OwnerID of Order posted in HttpPut method and then just return a proper HttpStatusCode? ResourceBasedHandler seems like a lot of boilerplate code. And what if I don't wanna use these Requirements and create static class for just storing them? All I need is just the current User and the Resource (Order in this case) to be able to authorize or deny authorization to the user, any way to do that with AuthorizationHandler? What comes to my mind is that I could just user AuthorizationHandler and authorize the user based on the data there.
sir, 29:35 meaning of Any time user is checked for his authentication better way to call this method multiple times ... not understood. Why you are added claim(Friend,"bad") at runtime to user Identity....not understand the advantage of Extending IClaimsTransformation....can you explore more ....i am eagerly waiting for reply
i'm a dotnet core learner from China. thank you so much for so many great videos. i got a problem with the authorizationHandler middleware. i've typed almost every code , in this episode i created every class u have created in homeController.cs and customAuthorizationPolicyProvider.cs, and everything works fine except class securityLevelHandler. i created that class〖public SecurityLevelHandler:AuthorizationHandler{protected override Task HandleRequirementAsync(... ...)......}〗, then register it in my startup 〖services.AddScoped....〗, but it doesn't work at all. i create a breakpoint at HandleRequirementAsync function, then access page home/securityLevel or home/securityHigherLevel, every class and function works but this class and this function, all i got is access denied. i checked my spell or if sth i missed but found nothing. i post my code screenshot in my twitter: [ twitter.com/michael_65536/status/1256868855479021568?s=20 ] i 've been stuck in here for whole day... Hope you can help me to solve the problem, thanks a lot ! by the way, i'm using dotnet core 3.1 and vs 2019 v16.5
Thank you for your comment, you have very good english :) github.com/T0shik/aspnetcore3-authentication/commit/c9ff075bd0cc74d0c760eadde7c1e153968a8900#diff-ddeef559d2c8678d57c226b9c27e010bR47 > .AddRequirements(new SecurityLevelRequirement(Convert.ToInt32(value))) You don't add the requirement in order for the handler to be triggered, you rather check if the claim is there.
Thanks for the vid! I have used .Net for a few years now, but always as a backend API , always with Angular as the frontend App I have never tried MVC or Razor, less Blazor. My question is, do I start straight into Blazor? or MVC first? or Razor Pages? Another thing, to my knowledge Blazor replaces the front end App like Angular, but there is still the backend, does the backend here counts as Razor pages?
Cheers! Try mvc or razor 1st that will just get you used to html and templating with c#, this skill will then be transferable in to blazor where you can extend what you've done with razor components, word of warning though server side blazor is a specific niche and client side isn't production ready. Your last question is a bit confusing, but just so you know the backend is just C#/F#, unless with js framework you want server side rendering then you also spin up an instance of Nodejs. If you are on about server side blazor just remember that blazor/razor compiles down in to C#.
Hi, I am building an application that has a single signon page. What I need to happen is for it to try ldap but if that fails to fall back to forms authentication. I can't see any examples on the web on how to achieve this, I've seen the mention of JWT, or IdentityServer so working through these videos but any advice you could give would be great.
The docs are really good on this one docs.microsoft.com/en-us/aspnet/core/security/authentication/windowsauth?view=aspnetcore-5.0 You should be automatically authenticated when visiting the site otherwise sign in. You can try enable windows auth but protect your site with another schema so when they visit the sign in page you conver the windows identity in to your custom one
Another great tutorial that helps you understand this tolic very good! I loved the ”custom” SecurityLevel instead of just Authorized for the iactionresult Secretlevel. But what if you have say Securitylevel(int Id), can you handle the value of id in your custompolicyprovider? I have tried to get both classname and actionname in an handler like that but haven’t succeed, less any inputpara,eters for the action. Any idea on where too find a so,ution for that?
@@RawCoding say you change the code to: [SecurityLevel(5)] public IActionResult SecretLevel(int id) { } And instead of an url of home/secretlevel you have home/secretlevel?id=105 Are there any way you can include 105 in your customhandler?
I have login method in my code and i want to use [Authorize] attribute, but every time i log in to my homepage ( Redirect(returnurl ?? "/")) it doesnt work and i dont know why is that, because the result of authorization (Succeeded value) is true.
33:43 doesn't override the state...not understood, actually in real-time project we store claims at the database, from there we pick/take. what is extracted, what is dragged...unable to understand th
Doesn’t override the state meaning if you add a claim via claims transformer it doesn’t actually add it to the cookie. So you load the original claimsprincipal from cookie in to httpcontext and then you extend it with claims transformation
When the user tries to access an action to which they are not authorized, I want to redirect to a "Not authorized" page, not to the login page, how do I do that?
There's a fundamental difference between authorization and authentication. If the user is not authenticated then by default he is not authorized, at this point we set the LoginPath. If the user is authenticated but not authorized then we set the AccessDeniedPath. If you would like more fine grained redirects, like for instance on some actions an unAUTHENTICATED user should not be redirect to login but show the access denied page, you would need to manually handle this within an action and use the IAuthorizationService, or create a custom Authorization attribute to handle this.
Good, I hope you can help me with the dilemma I have, when generating the Claims in this way "new Claim (ClaimTypes.Name," ABCD ")", the format is "{schemas.xmlsoap.org/ws/ 2005/05 / identity / claims / name: ABCD} ", and when" new Claim ("Name", "ABCD") "is generated in this way, the format is" {Name: ABCD} ", the problem in First way I don't know how to find the value, since in the second way I can use @ User.FindFirst ("Name"). Value in the view and claimsIdentity.FindFirst ("Name"). Value in the controller, as I should look for the value in the first form or format ...?, Thank you very much.
@@RawCoding building projects, i think, is better to learn. But some cases should be explained for wider view. It likes you show up other options so that we'll understand why we should it
These tutorials have a lot of potential, but they fail to tie together the concepts in the first lesson -- namely claims, claims principals, claims identity -- with asp.net identity. You showed that a person can have multiple claims with multiple claims identities, but didn't show how that works with, or give real life examples of this, with asp.net identity. I watched all of the episodes hoping so badly that I might finally grasp all this identity stuff, but you never quite got there.
You can find real world examples in my Blog (Roles example) and Shop (Claims example) series. Real world examples require a real world application and its a long and dragged out process which has steps of planning and justifying decisions that's not what these series were. Trust yourself if you understand the concept you can map ideas in to these constructs.
