Hey, I want to apply authorization in CRUD operations, meaning only an admin can add or delete users or products and others cannot. Do you have a video on it, or could you please make one? I am looking for an easy way to do that.
You can easily implement role-based authorization by adding "ClaimTypes.Role" to the claims during user authentication. Then, when assigning the [Authorize] attribute to your CRUD operations, specify the role that is allowed to perform those actions.
Technically the code is in the wrong places. The JWT service should only contain logic specific to JWT token generation, hashing, and verification. A LoginService or UserService should handle saving and checking the user in EF.
Thanks for your feedback! As you mentioned, JWT service should indeed focus solely on token generation and validation. Since the video is primarily focused on JWT authentication, I didn’t dive deeply into service creation and structuring.
Why didn't you create a refresh token?
Great question! I’ll be covering refresh tokens in an upcoming video soon, so stay tuned. Thanks for watching and for your feedback!
Great video, thank you so much. I followed everything and JWT authorizing worked well, but unfortunately the token is not expiring after the desired time. What may be the reason?
Thank you so much for your kind words! I'm really glad the video was helpful for you. The token expiration should work as I demonstrated. But there might be a slight delay of up to 5 minutes because of the default ClockSkew setting. If you'd like to remove that delay, you can set 'ClockSkew = TimeSpan.Zero' in your token validation parameters. This will make sure the token expires exactly when it’s supposed to.
@CodingDroplets Yeah, it worked, thank you 🙂
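The two replies above (a role claim checked by [Authorize], and ClockSkew = TimeSpan.Zero for exact expiry) combined in one ASP.NET Core minimal API Program.cs. This is an added example, not code from the video or the channel. It assumes the Microsoft.AspNetCore.Authentication.JwtBearer package, and the configuration keys Jwt:Key, Jwt:Issuer and Jwt:Audience, the "Admin" role name and the /products routes are hypothetical.

```csharp
using System.IdentityModel.Tokens.Jwt;
using System.Security.Claims;
using System.Text;
using Microsoft.AspNetCore.Authentication.JwtBearer;
using Microsoft.AspNetCore.Authorization;
using Microsoft.IdentityModel.Tokens;

var builder = WebApplication.CreateBuilder(args);

// Assumed configuration keys; Jwt:Key must be at least 32 bytes for HMAC-SHA256.
var issuer = builder.Configuration["Jwt:Issuer"]!;
var audience = builder.Configuration["Jwt:Audience"]!;
var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(builder.Configuration["Jwt:Key"]!));

builder.Services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
    .AddJwtBearer(o => o.TokenValidationParameters = new TokenValidationParameters
    {
        ValidateIssuer = true, ValidIssuer = issuer,
        ValidateAudience = true, ValidAudience = audience,
        ValidateIssuerSigningKey = true, IssuerSigningKey = key,
        ValidateLifetime = true,
        ClockSkew = TimeSpan.Zero,        // default is 5 minutes of tolerance after "exp"
        RoleClaimType = ClaimTypes.Role   // claim that [Authorize(Roles = ...)] checks
    });
builder.Services.AddAuthorization();

var app = builder.Build();
app.UseAuthentication();
app.UseAuthorization();

// Call this from the login endpoint only after the credentials have been verified.
string IssueToken(string userName, string role)
{
    var claims = new[] { new Claim(ClaimTypes.Name, userName), new Claim(ClaimTypes.Role, role) };
    var token = new JwtSecurityToken(issuer, audience, claims,
        expires: DateTime.UtcNow.AddMinutes(15),
        signingCredentials: new SigningCredentials(key, SecurityAlgorithms.HmacSha256));
    return new JwtSecurityTokenHandler().WriteToken(token);
}

// Any authenticated user may read.
app.MapGet("/products", [Authorize] () => Results.Ok(new[] { "sample product" }));

// Only tokens carrying the Admin role may delete; others get 403, anonymous callers 401.
app.MapDelete("/products/{id:int}", [Authorize(Roles = "Admin")] (int id) => Results.NoContent());

app.Run();
```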
Thank You! ♥