.NET 6 Web API Authentication | Minimal API & Swagger (CRUD)

Подписаться 8 тыс.

Просмотров 76 тыс.

50% 1

In this tutorial we’ll create a .NET 6 Web API (Minimal API) that will enforce JWT Authentication and Authorization. Furthermore, we’ll add Swagger support and configure Bearer Authentication for it, so that all of our endpoints can be testable from Swagger UI using a bearer token.
By the end of this tutorial, you will know:
- How to create a Minimal API project
- Create and use Data Transfer Objects
- Create Services that expose data
- Understand the basics Minimal API in .NET 6
- Setup a CRUD .NET 6 Web API (Minimal API) that will expose services methods
- Configure the API Endpoints for Authentication and Authorization with JWT Bearer
- Setup Swagger support and configure bearer authentication with Swagger
- Understand the basics of Swagger Documentation in .NET 6
For this tutorial there are two pre-requisites .NET 6 and Visual Studio 2022. Here is a video showing where to download these from: • ASP.NET Core Web API A...
Source code: github.com/iulianoana/Minimal...
👉Join our monthly email club: signup.codewithjulian.com
🎉Check Out Further Resources: codewithjulian.com
👍If you enjoyed this tutorial, please like this video consider subscribing for more content like this!
😎Subscribe for endless .NET Tutorials: / codewithjulian
0:00 - Intro
0:21 - Create Minimal API Project
1:02 - Add Data Transfer Objects
2:47 - Add Data Repositories
4:59 - Creating Services
11:09 - Install JWT Dependencies
12:17 - Configure Minimal API Endpoints
20:41 - Add Swagger Support
23:30 - Add JWT Authentication
29:03 - Generate JWT on Login
35:05 - Configure Endpoints for Authentication
38:27 - Configure Bearer Authentication in Swagger
43:43 - Swagger Documentation
Useful Links:
Enterprise CRUD API Controller: • Create a CRUD Blazor W...
Basics of JWT: • What is Json Web Token...
Dependencies:
- Microsoft.AspNetCore.Authentication.JwtBearer --version 6.0.0
- Microsoft.IdentityModel.Tokens --version 6.14.1
- System.IdentityModel.Tokens.Jwt --version 6.14.1
- Swashbuckle.AspNetCore --version 6.2.3
Credits:
- Sound effects obtained from www.zapsplat.com
- Icons designed by www.freepik.com and www.flaticon.com/
- Images from the artists on unsplash.com/

Опубликовано:

21 июл 2024

Ссылка:

Скачать:

Готовим ссылку...

Добавить в:

Мой плейлист

Посмотреть позже

Комментарии : 127

@mattpickel223 6 месяцев назад

Need someone to make a JulianAI wrapper that will whip out tutorials for anything I need to learn about Quick and to the point at every step but includes details about the purpose of pretty much every line of code. Perfect style of tutorial videos!

@AhmedAbdulla2020 2 года назад

I like your style. You are clear and fast. You also tackle very recent topics. Keep up the good work.

@mrs.brightside Год назад

I learned more in this 45min video than multiple videos spanning hours in total. Straight to the point and no missing or vague info. Thank you 😀

@CodeWithJulian Год назад

Thanks for the feedback! I's glad it's been helpful!

@victorchidi9973 2 года назад

Backend made simple. This is just what I needed. Thanks, Julian!

@durdarshivirus6115 9 месяцев назад

In simple words and to the point explanation..... great teaching style 👏..... I've learnt a lot and also understood the complete flow of JWT token, authentication and authorisation role based

@victorburca5028 2 года назад

You are rapid and straight to the point - the best method I meet so far. "Tim Corey" is way behind your style.

@alexeivperez7453 2 года назад

Different teaching styles. I personally like both. But Tim Corey is one of the best in my opinion

@talkathiriify 2 года назад

Thank you very much Julian for the excellent topic. Please keep on doing the excellent and valuable series. Best Regards.

@TheOnlyDominik 2 года назад

The Subscribe overlay ist much better than interrupting the video. Once again, thank you so much for this high quality information.

@CodeWithJulian 2 года назад

Glad it was helpful!

@petrvodicka6053 2 года назад

Perfect job, Julian, I have enjoyed with your tutorials the whole weekend.

@CodeWithJulian 2 года назад

Thanks Petr! Really glad they've been helpful to you!

@Sefiroz95 2 года назад

Amazing tutorial. Thank you very much ! This is just what I needed

@LukeAvedon 2 года назад

I am honored that you chose me as the admin example.

@GaleAnders 6 месяцев назад

I really like your fast and compact tutoring.

@GennaroMalafronte 2 года назад

Very good explanation. I really enjoyed the approach. Keep this way!

@eduactivity 2 года назад

Thanks, Very helpful to create JWD Authentication based API.

@chidieberelevi3344 2 года назад

Lovely tutorial. Thanks. Really helpful in understanding..net6 minimal api 💯

@rajkumararora7366 4 месяца назад

Great work very well explained with simplicity. Keep it up!!

@atacanaloglu2699 7 месяцев назад

It was so helpful. Ty mate.

@drleandrocorrea 2 года назад

Hey Julian, great video! It was very useful to me

@naturelovetimelapse6286 2 года назад

Thank you so much for this informative video

@rastapoile 2 года назад

Very good man ! You deserve many more subscribers

@surajsrivastava1334 2 года назад

Great Explanation 👌

2 года назад

Thank you so much ! it helped me a lot to implement JWT so easly !

@IsaacOjeda 2 года назад

Nice content, congrats👏🏽

@sophia8925 2 года назад

Thank you so much for this video, you just saved my life!

@franklinmontenegro40 2 года назад

excellent work 😀

@stefanbogdanovic590 2 года назад

Awesome video, thanks!

@Lazzerman42 2 года назад

Very instructive and to the point! Appreciated!

@CodeWithJulian 2 года назад

Glad it's been helpful!

@dariinaa9280 5 месяцев назад

Thank you!

@AlejandroVivas Год назад

Excelente content. I'm really glad I found this channel. Thank you!

@CodeWithJulian Год назад

Glad you enjoyed and was useful!

@isachells9859 2 года назад

Hey mate, thanks a lot i loved this!

@DguruZ 2 года назад

Great content bro

@AthelstanEngland Год назад

Excellent thank you... although I had to give the James Bond movie a rating of 3!! :)

@barsakdas7654 2 года назад

Perfect!

@avinavayushman3690 2 года назад

It's great pal 😎

@MrDinakdakan 2 года назад

awesome very good number 1 tut easy to udnerstand

@saintcoder 2 года назад

Thank you for creating this great tutorial video (y)

@CodeWithJulian 2 года назад

You're welcome!

@CarlosRuiz-zz1ee 2 года назад

What a joy of video

@CodeWithJulian 2 года назад

Thank you so much for the kind words!

@thompa04 2 года назад

is it normal practice to have all these functions in a program.cs file or is there a way it could be done in different files?

@Flameoflove01 2 года назад

For anyone having issues with this, make sure you install the exact versions of the dependencies because there is an issue with the updated ones. Thanks Julian

@CodeWithJulian 2 года назад

You're welcome! Correct, that's exactly why I show the versions and you can find the dependencies in the description along with their versions.

@somedevstuff5060 Год назад

I like it

@kmlshn1981 2 года назад

Thenk Julian.

@fifty6737 2 года назад

thank you

@khristopherpineda3635 2 года назад

you`re so good

@CodeWithJulian 2 года назад

Thanks! Glad it's been helpful!

@kmlshn1981 2 года назад

Thenk Julian

@tommyoman5309 2 года назад

Thanks very much Julian ! These videos are gorgeous! How do you manage? so clear and highly explaining!!! Very helpful !! 🙂

@CodeWithJulian 2 года назад

Thank you Tommy, really appreciate your kind words! It takes plenty of research and lots of hours. But it pays off when I see the tutorials prove to be helpful! Have a good one!

@baetz2 2 года назад

@@CodeWithJulian Great tutorial! What tool do you use to paste chunk after chunk of code so seamlessly?

@CodeWithJulian 2 года назад

@@baetz2 Thanks for the feedback, much appreciated! I don't use a tool, here's what I do: I paste the code/function/block in before the scene, then remove it line by line (or in relevant chunks). Then, the bit that gets in the video is when I press CTRL + Z to redo what I've cut off screen. This lets me explain the code as much as possible.

@baetz2 2 года назад

@@CodeWithJulian Thanks for the explanation. I appreciate your caring about saving viewers' time. This should be an industrial standard for tutorial videos.

@CodeWithJulian 2 года назад

@@baetz2 Thanks for the feedback! It's always good to know what works and what doesn't, so I appreciate it!

@collinzhu6075 Год назад

Amazing video, How to convert those map function into the controller? Thanks

@mohammadakbari1944 2 года назад

very good

@CodeWithJulian 2 года назад

Thanks a lot, appreciate it!

@piapinification Год назад

just what I needed, I had not found such a clear and well explained tutorial, thank you very much! do you have any video about refresh token for these minimal API?

@CodeWithJulian Год назад

Great suggestion. My next tutorial will have refresh tokens! Glad it's been useful. Thanks for the feedback!

@piapinification Год назад

@@CodeWithJulian Thank you very much, I'll be on the lookout!

@abdulnaserramadan37 2 года назад

Light code and great

@nickolaki 2 года назад

Wow, excellent video man. Do you by any chance have a discord server? :) Keep up the great work, very helpful for a student dev like me

@jhonhernandez9210 6 месяцев назад

Why you didn't do a controller? That way the example can help people to build something they really need

@miguelrobinson2695 7 месяцев назад

How do i call this api in Winform c#

@daelhoser310 Год назад

thanks for the videos. I do have a question. What's the difference between this authentication and Identity Server? I'm trying to figure out when one should use identity Server considering how much work it takes to set things up. Thanks in advance.

@ahmedifhaam7266 Год назад

built in auth is only for app, IS4 cookie you can take it to any app or multiple app with same cookie if authenticated, lets say you have shop, normal website, blog etc, all login from single sign on, then IS4, that's how I do it, also extra layer security if identity server is in cloud i think.

@mrget1293 2 года назад

That was all great fast track. I liked it all the way. How you could make it even better is add some short explanations on complex parts where you just said instead "because ... this is how you do x" like with Bearer Swagger authentication part. This could be just shown as complete batch of code for a few seconds instead of typing as there is no explanation on it whatsoever.

@CodeWithJulian 2 года назад

Thanks for the feedback and for your suggestion, that's a good idea! Much appreciated!

@eduardocarvalho4847 2 года назад

Hi Julian, this tutorial has been very helpful for me. I have suggestions for you, in minute 11:09 you add the dependencies and don't explain why, also you do the same thing in minute 14:00 when you add "AddEndpointsApiExplorer" just for no reason. I'm a experienced developer and I know what that means, but think like a beginner. Better than do is to understand 😀

@eduardocarvalho4847 2 года назад

This look a copy paste tutorial, you don't explain...

@CodeWithJulian 2 года назад

Thanks for the feedback Eduardo, much appreciated. Firstly, while the video is filled with explanations, unfortunately there is so much a single video can cover. Secondly, _AddEndpointsApiExplorer_ is a necessary service to be registered for Swagger support. Lastly, further research is most of the times required if you wish to go deeper into a subject.

@kavkavy 2 года назад

can i ask you please where did you get the docs for swagger and jwt?

@CodeWithJulian 2 года назад

I found resources from MS Docs to be helpful, just Google for swagger .NET 6. Also check out the JWT intro video in the description.

@owaiskhan2264 2 года назад

Hey would you please explain the relation of two tables and getting the data in one api and also with stored procedure with relation between the cases

@CodeWithJulian 2 года назад

Hi there, there is no concept of tables in this tutorial, to keep things simple. But I suppose if you're going to integrate a database management framework, it would be a many to many relationship between Users and Movies, so you'll need a UserToMovies bridging table. But it really depends on the use case. Hope this helps!

@Lazzerman42 2 года назад

Very clear and easy to follow... but in the end, did you have to run? Felt like 1 minute was cut off

@CodeWithJulian 2 года назад

Thanks for the feedback! No, that's the whole content of the tutorial.

@DoomerDGR8 2 года назад

Very comprehensive tutprail. It was very to follow. From here, I went ahead and added RefreshToken support. I'm surprised that there is no guide on setting up a client portal (Core MVC/Blazor) that can automatically authenticate with API and also do auto refresh, if token expires. Any chance you can shed some light? Is it even possible? My portal access the web API through a single service account.

@CodeWithJulian 2 года назад

Thanks for your feedback! I will make a separate tutorial covering Refresh Token.

@AdilKhan-sr9dm 2 года назад

I have 2 .NET applications ( MVC .net 4.7 and React + core .net 6) in the same folder which I want to deploy in the Azure App service under same domain because both share the same cookie value. I would like to know is it possible to deploy using App service or do I need to create an Azure virtual machine and deploy it on IIS? Thanks

@AdilKhan-sr9dm 2 года назад

@@CodeWithJulian thanks a lot for you prompt reply. I got the answer its not possible as we can only deploy applications belonging to same framework

@CodeWithJulian 2 года назад

Hi Adil, unfortunately this channel does not focus yet on React and I won't be able to advise accordingly in a satisfactory manner. I am happy though that you were able to find an answer to your question.

@RoughSubset 2 года назад

It would be nice to have seen an implementation of refresh tokens.

@CodeWithJulian 2 года назад

Yes, thanks for the suggestion. It'll be part of a future video!

@arjunm.r8641 2 года назад

@Code with Julian I have a request can u please do a video on paging in asp.net core web api?

@AhmedAbdulla2020 2 года назад

BTW, how are you adding code to your project one line at a time? We don't see you typing, and that's a good thing.

@AhmedAbdulla2020 2 года назад

@@CodeWithJulian This is very smart of you to do. I was guessing it might have been a plugin.

@jkc6144 Год назад

I dont like long codes on the program.cs, is there another way to put the code ?

@CodeWithJulian Год назад

Separate them as shown in this video 👉 ru-vid.com/video/%D0%B2%D0%B8%D0%B4%D0%B5%D0%BE-XlzYTpXGs8k.html

@iurisoares4054 2 года назад

Hi Why this " [Authorize(AuthenticationSchemes = JwtBearerDefaults.AuthenticationScheme)]"? Why without (AuthenticationSchemes = JwtBearerDefaults.AuthenticationScheme) the response is 401?

@precioustagbovi6139 8 месяцев назад

mine returns 401 regardless I need help

@ramiroalegre8183 2 года назад

how i can document my api in controller with swagger?. It's possible?

@ramiroalegre8183 2 года назад

@@CodeWithJulian Thanks!

@fernandofonsecacofre9924 2 года назад

Hi! Where i can configure the life time for the token?

@CodeWithJulian 2 года назад

Hi, so that would be done in Program.cs line 80 (the expires property). This is where the JWT is generated/newed up.

@LukeAvedon 2 года назад

38:34 I didn't know you could pass your auth via Swagger!!!!!! WOW!!! wow! wow!

@CodeWithJulian 2 года назад

Yeah such a useful feature!

@AdilKhan-sr9dm 2 года назад

Should we use minimal API for large projects involving lots of area and classes? I see all the code now in just 1 file

@AdilKhan-sr9dm 2 года назад

@@CodeWithJulian thanks for your prompt reply. Will be waiting for your new video.

@baetz2 2 года назад

Here is one of the approaches you can use with minimal API and larger projects: ru-vid.com/video/%D0%B2%D0%B8%D0%B4%D0%B5%D0%BE-z32_7KgCr6c.html

@TheOnlyDominik 2 года назад

Could you please do a Video with Azure Active Directory Authentication (JWT, Bearer, MinimalApi, Roles, Claims, ...)?

@CodeWithJulian 2 года назад

Thanks for suggestion. Azure videos are planned for the future.

@fg87fgd 2 года назад

After the first delete the next insert will blow up your primary key. Use a sequence map instead, please...

@CodeWithJulian 2 года назад

Thanks for the suggestion! Sure a sequence map works too, or a database entity, but this was more for API demonstration purposes.

@JustPlainRob 9 месяцев назад

It would be easier to follow if you slowed down a bit and explained more of the pasted lines of code.

@miglrodri 2 года назад

hey Julian, can you make a tutorial on refresh tokens?

@CodeWithJulian 2 года назад

Hey, that's covered in the next tutorial!

@miglrodri 2 года назад

@@CodeWithJulian , I looked into some videos and can't find any reference to issuing refresh tokens. Can you point me out to the video? Thanks

@CodeWithJulian 2 года назад

@@miglrodri Hi, I meant in the next tutorial that I will publish on the channel. Have a good one!

@miglrodri 2 года назад

@@CodeWithJulian , ok thanks, great work ✌️

@dreamdancer8212 2 года назад

First of all - thank you for this extraordinary good tutorial. It hardly can gat any better. There is just one thing I struggle a little with. In 20:10 roughly you state that you are gonna show how to call these endpoints. Somehow I couldn´t find that you did in the end. My question would be. How do I call these endpoints from a .Net application - let´s say a WPF or a Windows Forms App. How do I get the references to the IMovieService and the Service Implementation into my UI Application (do I have to recode them there or can I get a reference to the type through the API?) and how exactly do I call the endpoint from there. Again thank you for the great work.

@CodeWithJulian 2 года назад

Hi there, thanks for your feedback, it really means a lot knowing it's been helpful! Yes you're right! I meant I'll show how to consume those endpoints with Swagger. I probably could've worded that better. But you can call those endpoints like any other, and you don't need to worry about the dependencies (IMovieService & IUserService in this case), as asp.net takes care of injecting them into your methods. This is as long as you register them at the top (see lines 7 and 8 of Program.cs). So in this case, to send a request to the /get method you just add the base URI (localhost:7006 in this app) + route. For example: _localhost:7006/list_ (to get the full list), or _localhost:7006/get?id=2_ (to get entry with id 2). You can see them in the Request URL of the Swagger page (23:04). Don't forget to add _https_ beforehand. Also, you can check out this video where we'll test the endpoints with Postman (there you can see the actual URL) 👉 ru-vid.com/video/%D0%B2%D0%B8%D0%B4%D0%B5%D0%BE-j8gM6pBrclI.html I hope this helps, have a good one!

@dreamdancer8212 2 года назад

@@CodeWithJulian Hi Julian thank you for your quick response. I´ll try as soon as possible. I was not aware about the difference between WebApi and Frameworks like WCF. I thought the API would return an object of the service like WCF does and so would need a reference to the type - didn´t realize the API returns JSon although it should have been obvious. The forest and the trees :)Thanks a lot.

@jorgerivadeneiracevallos2701 2 года назад

Why is so complicated ?

@jorgerivadeneiracevallos2701 2 года назад

@@CodeWithJulian Thanks to you for the video..!

@elysium1446 2 года назад

can you please help me and dont delete my comments? :D

@miky97it 2 года назад

Remove the nullable like that sis gonna confuse many newcomers

@CodeWithJulian 2 года назад

The purpose of the Nullable option is to help protect against NullReferenceException, usually by showing warnings when a possible null reference is identified. This is good to have in in a real-world application, but for the simplicity of the tutorial, I opted out. This was done by default in previous versions of .NET.

@nurnajwanazri7494 2 года назад

hello, where can i get url key at app.settings?

@CodeWithJulian 2 года назад

That key is what signs (hashes) your JWT so it could be secure. You could use an offline password generator, or your keyboard to come up with a strong and random combination. The longer the better. Hope this helps!

@Samurai- 2 года назад

Severity Code Description Project File Line Suppression State Error CS1061 'UserLogin' does not contain a definition for 'Username' and no accessible extension method 'Username' accepting a first argument of type 'UserLogin' could be found (are you missing a using directive or an assembly reference?) MinimaUWT C:\.net Projects\MinimaUWT\Services\UserService.cs 10 Active what is wrong with this code pls help someone