Это видео недоступно.
Сожалеем об этом.
.NET 6 Web API Authentication | Minimal API & Swagger (CRUD)
HTML-код
- Опубликовано: 15 авг 2024
- In this tutorial we’ll create a .NET 6 Web API (Minimal API) that will enforce JWT Authentication and Authorization. Furthermore, we’ll add Swagger support and configure Bearer Authentication for it, so that all of our endpoints can be testable from Swagger UI using a bearer token.
By the end of this tutorial, you will know:
- How to create a Minimal API project
- Create and use Data Transfer Objects
- Create Services that expose data
- Understand the basics Minimal API in .NET 6
- Setup a CRUD .NET 6 Web API (Minimal API) that will expose services methods
- Configure the API Endpoints for Authentication and Authorization with JWT Bearer
- Setup Swagger support and configure bearer authentication with Swagger
- Understand the basics of Swagger Documentation in .NET 6
For this tutorial there are two pre-requisites .NET 6 and Visual Studio 2022. Here is a video showing where to download these from: • ASP.NET Core Web API A...
Source code: github.com/iul...
👉Join our monthly email club: signup.codewit...
🎉Check Out Further Resources: codewithjulian...
👍If you enjoyed this tutorial, please like this video consider subscribing for more content like this!
😎Subscribe for endless .NET Tutorials: / codewithjulian
0:00 - Intro
0:21 - Create Minimal API Project
1:02 - Add Data Transfer Objects
2:47 - Add Data Repositories
4:59 - Creating Services
11:09 - Install JWT Dependencies
12:17 - Configure Minimal API Endpoints
20:41 - Add Swagger Support
23:30 - Add JWT Authentication
29:03 - Generate JWT on Login
35:05 - Configure Endpoints for Authentication
38:27 - Configure Bearer Authentication in Swagger
43:43 - Swagger Documentation
Useful Links:
Enterprise CRUD API Controller: • Create a CRUD Blazor W...
Basics of JWT: • What is Json Web Token...
Dependencies:
- Microsoft.AspNetCore.Authentication.JwtBearer --version 6.0.0
- Microsoft.IdentityModel.Tokens --version 6.14.1
- System.IdentityModel.Tokens.Jwt --version 6.14.1
- Swashbuckle.AspNetCore --version 6.2.3
Credits:
- Sound effects obtained from www.zapsplat.com
- Icons designed by www.freepik.com and www.flaticon.com/
- Images from the artists on unsplash.com/
I learned more in this 45min video than multiple videos spanning hours in total. Straight to the point and no missing or vague info. Thank you 😀
Thanks for the feedback! I's glad it's been helpful!
Need someone to make a JulianAI wrapper that will whip out tutorials for anything I need to learn about
Quick and to the point at every step but includes details about the purpose of pretty much every line of code. Perfect style of tutorial videos!
The Subscribe overlay ist much better than interrupting the video. Once again, thank you so much for this high quality information.
Glad it was helpful!
You are rapid and straight to the point - the best method I meet so far. "Tim Corey" is way behind your style.
Different teaching styles. I personally like both. But Tim Corey is one of the best in my opinion
I like your style. You are clear and fast. You also tackle very recent topics. Keep up the good work.
In simple words and to the point explanation..... great teaching style 👏..... I've learnt a lot and also understood the complete flow of JWT token, authentication and authorisation role based
Great work very well explained with simplicity. Keep it up!!
I am honored that you chose me as the admin example.
I really like your fast and compact tutoring.
For anyone having issues with this, make sure you install the exact versions of the dependencies because there is an issue with the updated ones. Thanks Julian
You're welcome! Correct, that's exactly why I show the versions and you can find the dependencies in the description along with their versions.
Backend made simple.
This is just what I needed.
Thanks, Julian!
Perfect job, Julian, I have enjoyed with your tutorials the whole weekend.
Thanks Petr! Really glad they've been helpful to you!
What a joy of video
Thank you so much for the kind words!
Thank you very much Julian for the excellent topic.
Please keep on doing the excellent and valuable series.
Best Regards.
It was so helpful. Ty mate.
Excellent thank you... although I had to give the James Bond movie a rating of 3!! :)
Amazing tutorial. Thank you very much ! This is just what I needed
Very good man ! You deserve many more subscribers
Thanks, Very helpful to create JWD Authentication based API.
Very good explanation. I really enjoyed the approach. Keep this way!
Very instructive and to the point! Appreciated!
Glad it's been helpful!
Hi Julian, this tutorial has been very helpful for me.
I have suggestions for you, in minute 11:09 you add the dependencies and don't explain why, also you do the same thing in minute 14:00 when you add "AddEndpointsApiExplorer" just for no reason.
I'm a experienced developer and I know what that means, but think like a beginner.
Better than do is to understand 😀
This look a copy paste tutorial, you don't explain...
Thanks for the feedback Eduardo, much appreciated. Firstly, while the video is filled with explanations, unfortunately there is so much a single video can cover. Secondly, _AddEndpointsApiExplorer_ is a necessary service to be registered for Swagger support. Lastly, further research is most of the times required if you wish to go deeper into a subject.
Thank you!
Thank you so much for this informative video
Excelente content. I'm really glad I found this channel. Thank you!
Glad you enjoyed and was useful!
Lovely tutorial. Thanks. Really helpful in understanding..net6 minimal api 💯
awesome very good number 1 tut easy to udnerstand
Great Explanation 👌
Hey Julian, great video! It was very useful to me
Nice content, congrats👏🏽
Thank you so much !
it helped me a lot to implement JWT so easly !
Thank you so much for this video, you just saved my life!
you`re so good
Thanks! Glad it's been helpful!
Very clear and easy to follow... but in the end, did you have to run? Felt like 1 minute was cut off
Thanks for the feedback! No, that's the whole content of the tutorial.
excellent work 😀
BTW, how are you adding code to your project one line at a time? We don't see you typing, and that's a good thing.
@@CodeWithJulian This is very smart of you to do. I was guessing it might have been a plugin.
That was all great fast track. I liked it all the way. How you could make it even better is add some short explanations on complex parts where you just said instead "because ... this is how you do x" like with Bearer Swagger authentication part. This could be just shown as complete batch of code for a few seconds instead of typing as there is no explanation on it whatsoever.
Thanks for the feedback and for your suggestion, that's a good idea! Much appreciated!
Thank you for creating this great tutorial video (y)
You're welcome!
Awesome video, thanks!
Why you didn't do a controller? That way the example can help people to build something they really need
Perfect!
It's great pal 😎
I like it
Great content bro
Thenk Julian.
38:34 I didn't know you could pass your auth via Swagger!!!!!! WOW!!! wow! wow!
Yeah such a useful feature!
very good
Thanks a lot, appreciate it!
Hey mate, thanks a lot i loved this!
After the first delete the next insert will blow up your primary key. Use a sequence map instead, please...
Thanks for the suggestion! Sure a sequence map works too, or a database entity, but this was more for API demonstration purposes.
Thenk Julian
is it normal practice to have all these functions in a program.cs file or is there a way it could be done in different files?
just what I needed, I had not found such a clear and well explained tutorial, thank you very much! do you have any video about refresh token for these minimal API?
Great suggestion. My next tutorial will have refresh tokens! Glad it's been useful. Thanks for the feedback!
@@CodeWithJulian Thank you very much, I'll be on the lookout!
Amazing video, How to convert those map function into the controller? Thanks
thank you
Light code and great
Thanks very much Julian ! These videos are gorgeous! How do you manage? so clear and highly explaining!!! Very helpful !! 🙂
Thank you Tommy, really appreciate your kind words! It takes plenty of research and lots of hours. But it pays off when I see the tutorials prove to be helpful! Have a good one!
@@CodeWithJulian Great tutorial! What tool do you use to paste chunk after chunk of code so seamlessly?
@@baetz2 Thanks for the feedback, much appreciated! I don't use a tool, here's what I do: I paste the code/function/block in before the scene, then remove it line by line (or in relevant chunks). Then, the bit that gets in the video is when I press CTRL + Z to redo what I've cut off screen. This lets me explain the code as much as possible.
@@CodeWithJulian Thanks for the explanation. I appreciate your caring about saving viewers' time. This should be an industrial standard for tutorial videos.
@@baetz2 Thanks for the feedback! It's always good to know what works and what doesn't, so I appreciate it!
It would be easier to follow if you slowed down a bit and explained more of the pasted lines of code.
Hey would you please explain the relation of two tables and getting the data in one api and also with stored procedure with relation between the cases
Hi there, there is no concept of tables in this tutorial, to keep things simple. But I suppose if you're going to integrate a database management framework, it would be a many to many relationship between Users and Movies, so you'll need a UserToMovies bridging table. But it really depends on the use case. Hope this helps!
Very comprehensive tutprail. It was very to follow. From here, I went ahead and added RefreshToken support. I'm surprised that there is no guide on setting up a client portal (Core MVC/Blazor) that can automatically authenticate with API and also do auto refresh, if token expires. Any chance you can shed some light? Is it even possible? My portal access the web API through a single service account.
Thanks for your feedback! I will make a separate tutorial covering Refresh Token.
thanks for the videos. I do have a question. What's the difference between this authentication and Identity Server? I'm trying to figure out when one should use identity Server considering how much work it takes to set things up. Thanks in advance.
built in auth is only for app, IS4 cookie you can take it to any app or multiple app with same cookie if authenticated, lets say you have shop, normal website, blog etc, all login from single sign on, then IS4, that's how I do it, also extra layer security if identity server is in cloud i think.
I dont like long codes on the program.cs, is there another way to put the code ?
Separate them as shown in this video 👉 ruclips.net/video/XlzYTpXGs8k/видео.html
Wow, excellent video man. Do you by any chance have a discord server? :) Keep up the great work, very helpful for a student dev like me
Should we use minimal API for large projects involving lots of area and classes? I see all the code now in just 1 file
@@CodeWithJulian thanks for your prompt reply. Will be waiting for your new video.
Here is one of the approaches you can use with minimal API and larger projects: ruclips.net/video/z32_7KgCr6c/видео.html
Hi
Why this " [Authorize(AuthenticationSchemes = JwtBearerDefaults.AuthenticationScheme)]"?
Why without (AuthenticationSchemes = JwtBearerDefaults.AuthenticationScheme) the response is 401?
mine returns 401 regardless I need help
I have 2 .NET applications ( MVC .net 4.7 and React + core .net 6) in the same folder which I want to deploy in the Azure App service under same domain because both share the same cookie value. I would like to know is it possible to deploy using App service or do I need to create an Azure virtual machine and deploy it on IIS? Thanks
@@CodeWithJulian thanks a lot for you prompt reply. I got the answer its not possible as we can only deploy applications belonging to same framework
Hi Adil, unfortunately this channel does not focus yet on React and I won't be able to advise accordingly in a satisfactory manner. I am happy though that you were able to find an answer to your question.
It would be nice to have seen an implementation of refresh tokens.
Yes, thanks for the suggestion. It'll be part of a future video!
How do i call this api in Winform c#
Could you please do a Video with Azure Active Directory Authentication (JWT, Bearer, MinimalApi, Roles, Claims, ...)?
Thanks for suggestion. Azure videos are planned for the future.
how i can document my api in controller with swagger?. It's possible?
@@CodeWithJulian Thanks!
hey Julian, can you make a tutorial on refresh tokens?
Hey, that's covered in the next tutorial!
@@CodeWithJulian , I looked into some videos and can't find any reference to issuing refresh tokens. Can you point me out to the video? Thanks
@@miglrodri Hi, I meant in the next tutorial that I will publish on the channel. Have a good one!
@@CodeWithJulian , ok thanks, great work ✌️
can i ask you please where did you get the docs for swagger and jwt?
I found resources from MS Docs to be helpful, just Google for swagger .NET 6. Also check out the JWT intro video in the description.
Hi! Where i can configure the life time for the token?
Hi, so that would be done in Program.cs line 80 (the expires property). This is where the JWT is generated/newed up.
@Code with Julian I have a request can u please do a video on paging in asp.net core web api?
First of all - thank you for this extraordinary good tutorial. It hardly can gat any better. There is just one thing I struggle a little with.
In 20:10 roughly you state that you are gonna show how to call these endpoints.
Somehow I couldn´t find that you did in the end.
My question would be.
How do I call these endpoints from a .Net application - let´s say a WPF or a Windows Forms App.
How do I get the references to the IMovieService and the Service Implementation into my UI Application
(do I have to recode them there or can I get a reference to the type through the API?)
and how exactly do I call the endpoint from there.
Again thank you for the great work.
Hi there, thanks for your feedback, it really means a lot knowing it's been helpful!
Yes you're right! I meant I'll show how to consume those endpoints with Swagger. I probably could've worded that better. But you can call those endpoints like any other, and you don't need to worry about the dependencies (IMovieService & IUserService in this case), as asp.net takes care of injecting them into your methods. This is as long as you register them at the top (see lines 7 and 8 of Program.cs). So in this case, to send a request to the /get method you just add the base URI (localhost:7006 in this app) + route. For example: _localhost:7006/list_ (to get the full list), or _localhost:7006/get?id=2_ (to get entry with id 2). You can see them in the Request URL of the Swagger page (23:04). Don't forget to add _https_ beforehand. Also, you can check out this video where we'll test the endpoints with Postman (there you can see the actual URL) 👉 ruclips.net/video/j8gM6pBrclI/видео.html I hope this helps, have a good one!
@@CodeWithJulian Hi Julian thank you for your quick response. I´ll try as soon as possible. I was not aware about the difference between WebApi and Frameworks like WCF. I thought the API would return an object of the service like WCF does and so would need a reference to the type - didn´t realize the API returns JSon although it should have been obvious. The forest and the trees :)Thanks a lot.
Why is so complicated ?
@@CodeWithJulian Thanks to you for the video..!
Remove the nullable like that sis gonna confuse many newcomers
The purpose of the Nullable option is to help protect against NullReferenceException, usually by showing warnings when a possible null reference is identified. This is good to have in in a real-world application, but for the simplicity of the tutorial, I opted out. This was done by default in previous versions of .NET.
can you please help me and dont delete my comments? :D
Severity Code Description Project File Line Suppression State
Error CS1061 'UserLogin' does not contain a definition for 'Username' and no accessible extension method 'Username' accepting a first argument of type 'UserLogin' could be found (are you missing a using directive or an assembly reference?) MinimaUWT C:\.net Projects\MinimaUWT\Services\UserService.cs 10 Active what is wrong with this code pls help someone
hello, where can i get url key at app.settings?
That key is what signs (hashes) your JWT so it could be secure. You could use an offline password generator, or your keyboard to come up with a strong and random combination. The longer the better. Hope this helps!