if you are facing an error like Unable to create KeyedHashAlgorithm for algorithm 'HS512', the key size must be greater than: '512' bits, key has '256' bits. Arg_ParamName_Name. Just increase the token size in your settings.json
Hi Patrick. I'm following your videos since the .NET 6 version of this topic. I remember back then you used HMACSHA512 to generate the password Salt. Does this mean HMACSHA512 will always generate the same Salt for the same input even though is in byte[] format?
Please how to make it right if i use sqlserver adding the id for the app user and it should be there class that carry the models to use thim is there a video do did it ???
May I have a question about security? JWT is nice but is it a good idea to store there email or some user's data? Is'nt it better to control and check the JWT in the database if the user is logged in or not? Or what's the bet idea in this way how to secure the API?
Why in the world would an api need to know more than just the fact it’s an authenticated user and has access? The UI should do the login and then pass the token generated then with a call that passes they are authenticated and maybe a app id to validate that said app has access to it.
I'd like to ask this. What is the advantage of using a custom authentication system rathen than using AD for instance? I know when one creates a project in VS, we have the option to select a auth system and it will be implemented and we can twist it.
Hi E243, from experience, especially if you are delivery SaaS, not all client may have AD that you can plug in to, you may want to have a fallback custom authentication system. I hope this helps. Cheers.
@adeyinkaroyal Make sense, but when a customer sign up, those information aren't going to be saved in Azure? I don't think one has to have credentials in AD. If I am wrong then it does make sense.
@@E243-v7n Hi, was offline for a while. That's correct, it means on sign up, you manage the customer's data in your repository of choice, hence you can build your own custom authentication on it.
Please help. How do I make a API that returns a list of records filtered by the personId? I used the scaffolding API wizard. This is killing me. I have it working for getting all the records, but I can’t seem to add a Where clause. Thanks!!
without your code he cant help you but you can do something like this on your service _dataContext.YOUDBCONTEXTTABLE.Where(t => t.Enabled) .AsQueryable(); later you can call the service in your controller.
When you call weather api how does it know to automatically call the auth/login controller to generate the token ? Where is this connection defined exactly ?I don't get it
This is personally my favorite part of your tutorials. All the way to refresh tokens. Thanks for this.
Happy to hear that! Thank you!
if you are facing an error like Unable to create KeyedHashAlgorithm for algorithm 'HS512', the key size must be greater than: '512' bits, key has '256' bits. Arg_ParamName_Name. Just increase the token size in your settings.json
thanks
This is my most simpliest favorite authentication tutorial especially using hashPassword. Awesome Job Patrick!
Thank you so much for your feedback! Glad you like it! 😊
nice.
من ایرانی هستم. ممنون بابت اموزش عالی.💕💕💕💕💕💕💕💕💕💕
Hello Patric
I like your teaching style and also love your codding style
🥰
Thank you very much, Abdul. I appreciate that. 😊
I just Love the way you explain bro , thank you so much and carry on please 🙏🙏🙏
Superb explanation as usual Patrick. Thank you.
Many thanks!
good reference in last test part
Glad it was helpful!
@PatrickGod There's no explanation as to how inputing Bear Token in the Swagger, unless I missed it?
I love your style, very much the way I like to code.
Please make video for logout in JWT token by invalidating token without storing token in database
This. I hope he makes a video on it. Best tutorials on Entity Framework by far.
Hi Patrick. I'm following your videos since the .NET 6 version of this topic. I remember back then you used HMACSHA512 to generate the password Salt. Does this mean HMACSHA512 will always generate the same Salt for the same input even though is in byte[] format?
Could you please tell us how we can logout the user? thanks
Excellent bro, it was interesting!
Glad you enjoyed it!
Please how to make it right if i use sqlserver adding the id for the app user and it should be there class that carry the models to use thim is there a video do did it ???
Hello patrick How to store the Data in the sql database user login and regsitration ?
Thank you so much Patrick.
🚀 Join the .NET Web Academy: dotnetwebacademy.com
💻 Use Code LONGERNIGHTS to get 20% off on any course or plan!
i sheesh with that code very simple, thanks bro
May I have a question about security? JWT is nice but is it a good idea to store there email or some user's data? Is'nt it better to control and check the JWT in the database if the user is logged in or not? Or what's the bet idea in this way how to secure the API?
JWT is used for stateless authentication. If you hit the Database per request, there is no point for using JWT.
Great video and explanation, thank you very! 😎✌
Good tutorial!
Thank you so much!
Nice one, can you do a video on User impersonation using JWT ? Thanks
Bro, _configuration gives red flag, what's possibly the cause?
You are Perfect thank you.
Happy to help! Thank you very much!
so useful, thank you
my jwt is not validating after i create it can you help me?
Hey can you make it with sql connection and some other features like pagination
why he dont use sql connention ha
Nice video
Thanks!
Why in the world would an api need to know more than just the fact it’s an authenticated user and has access? The UI should do the login and then pass the token generated then with a call that passes they are authenticated and maybe a app id to validate that said app has access to it.
Is anyone know how to run this in postman..?
thank you , 💖💖
Token generated on stagging environment works in production and development too, can someone help how can separate token based on environment
You could use different signing keys for the different environments
@@PatrickGod thankyou Patrick. Regards.
I'd like to ask this. What is the advantage of using a custom authentication system rathen than using AD for instance? I know when one creates a project in VS, we have the option to select a auth system and it will be implemented and we can twist it.
Hi E243, from experience, especially if you are delivery SaaS, not all client may have AD that you can plug in to, you may want to have a fallback custom authentication system. I hope this helps. Cheers.
@adeyinkaroyal Make sense, but when a customer sign up, those information aren't going to be saved in Azure? I don't think one has to have credentials in AD. If I am wrong then it does make sense.
@@E243-v7n Hi, was offline for a while. That's correct, it means on sign up, you manage the customer's data in your repository of choice, hence you can build your own custom authentication on it.
Please help. How do I make a API that returns a list of records filtered by the personId?
I used the scaffolding API wizard.
This is killing me. I have it working for getting all the records, but I can’t seem to add a Where clause.
Thanks!!
without your code he cant help you but you can do something like this on your service
_dataContext.YOUDBCONTEXTTABLE.Where(t => t.Enabled)
.AsQueryable();
later you can call the service in your controller.
@@ydock I would be happy to show you my code, would you take a look?
When you call weather api how does it know to automatically call the auth/login controller to generate the token ? Where is this connection defined exactly ?I don't get it
Ah ok I found out its defined in the loginPath variable of Identity options
Not useful