Authentication and authorization using WebApi

 

I'm developing an application using asp.net core Web API and Angular2

I want to implement authentication and authorization for my application

I want to know if it is a good choice to use identity server if have just one client(in angular 2 ) and I want that the login screen be attached to my client and not the identity server ?

As far as i understand, you want to use Token Based Authentication with following flow :

  • Client sends user cridentials(username, password) to server
  • Server generates a token and sends it to client
  • Client uses the token each secure web api calls

    • So, my suggest for your case:

    If you use AspNet Identity, OpenIddict with password grant is an option.

    If you use custom user store, use IdentityServer4 with password grant.

    If you want to write your own token endpoint, take a look at Token Based Authentication in ASP.NET Core

    note: password grant enable you to implement own login screen.

    链接地址: http://www.djcxy.com/p/22394.html

    上一篇: 带有自定义身份验证的Web API 2 OAuth承载标记

    下一篇: 使用WebApi进行身份验证和授权