In my Pluralsight courses1 on ASP.NET Core, I show how to use JWT Tokens to secure your API. In building a new example for my upcoming Vue.js course, I decided to only use JWT (not cookies and JWT like many of my examples are).
But I kept getting redirects on failure to call an API made me realize that I wasn't sure how to make JWT the only provider. After some fiddling I figured it out. This blog post is mostly to remind me of how to do it.
When ASP.NET Core 2 shipped the early previews, I knew one large change was going to be the Identity subsystem. The Identity for ASP.NET Core 1 worked ok, but the setup was very confusing with identical configuration is more than one place.
I’m happy to say that in ASP.NET Core 2 it’s much better. Implementing JWT Tokens for APIs was more confusing than I liked back when I wrote my Implementing an API in ASP.NET Core course for Pluralsight. I was hoping that it changed to simplify the way it works.
I've been severely remiss in failing to get my source code released for my two MIX talks early this month. I apologize (there is a good reasons, but I can't talk about it).
I had a chance encounter today with the fact that my cell phone records are up for sale to anyone with $110 burning a hole in their pocket. I have to say I am outraged. I can't believe that cell phone companies can sell a record of anyone I call. It makes me sick to my stomach just thinking about it. Anyone else have experience where your cell phone records have been used?
I ran into this article about using Ink Blots to make passwords on Microsoft Research's site and it got me thinking about security and privacy. I think the only bastion of true privacy these days is in the mind. Social Security #'s, mothers maiden names, pet names...its all just demographic data that is in the wide open. So for the common user, trying to remember a strong password (numbers, letters and punctuation) is just too hard.
Last February Bill Gates announced that he was halting development until every project could be reviewed for security and make sure every developer knew how to write secure code. In fact, a pretty great book came out of the process. So did it work?
|Vue.js by Example (Early Access Now Available)|
|Bootstrap 4 by Example (Just Released)|
|Intro to Font Awesome 5 (Free Course)|
|Building a Web App with ASP.NET Core, MVC6, EF Core, Bootstrap and Angular (updated for 2.0)|
|Using Visual Studio Code for ASP.NET Core Projects (new)|
|Implementing and Securing an API with ASP.NET Core|
|Building a Web App with ASP.NET Core, MVC6, EF Core and AngularJS|
|Building a Web App with ASP.NET5, MVC6, EF7, and AngularJS (Retired)|
|Best Practices in ASP.NET: Entities, Validation, and View Models|
|Front-End Web Development Quick Start|
|Lessons from Real World .NET Code Reviews|
|Node.js for .NET Developers|
|Application Name||WilderBlog||Environment Name||Production|
|Application Ver||v4.0.30319||Runtime Framework||x86|
|App Path||D:\home\site\wwwroot\||Runtime Version||.NET Core 4.6.26628.05|
|Operating System||Microsoft Windows 10.0.14393||Runtime Arch||X86|