Asp.net core Identity and Token Based Authetication

2018-06-07 07:37:45

I have following scenario. I write asp.net core web api which will be used by mobile and web (asp.net core mvc web app) apps.

I authenticate user using asp.net core identity framework class SignInManager (add account controller and related classes manually) and then generate oauth token which will be used by client applications. By doing so I have 2 identities associated with the user. one is created by after I login using SignInManager.PasswordSignInAsync and second is created by generating oauth JWT token.

Is this correct approach or not?

Thanks

https://blogs.msdn.microsoft.com/webdev/2016/10/27/bearer-token-authentication-in-asp-net-core/

that might shed some light on what direction to go. there is also another blog post about using IdentityServer4 (3rd party) works well.

https://blogs.msdn.microsoft.com/webdev/2017/01/23/asp-net-core-authentication-with-identityserver4/

链接地址: http://www.djcxy.com/p/22432.html

上一篇: 我们可以在Asp.NET Core中销毁JWT令牌吗？

下一篇: Asp.net核心身份和基于令牌的认证