Monthly Archives

2 Articles
Secure Web API RESTful services using Bearer tokens

Secure Web API RESTful services using Bearer tokens

This article talk s about securing ASP.net Restful web services, this is the first article of the series “Securing asp.net web applications”. This article talks about implementing Bearer Token-based Authentication and Authorization.

Authentication

Is the process of identifying the user and validating their credentials. If we map the Authentication to the example in this article, the process of validating user credentials and generating an access token is called Authorization.

Authorization

Is the process of determining if the user can access the requested resource. If we map the Authentication to the example in this article, the process of reading given Authorization token and determining if the user has access to requested Web API controller/ action is called Authorization.

Whats wrong with cookies? Why do we need token based authorization?

There is nothing wrong with cookies. Cookies are only usable in browser-based web applications. The RESTful web services (Web API) can be used on every platform that has an internet connection. Cookies might not be the right fit for those platforms (e.g. mobile applications). Embedding information in an interchangeable data format is far better than using Cookies to store user information.

Step 1. Create an Asp.Net Web API application

Read More

Use Material 2 with Dotnet core 2 Angular 4 spa template

Use Material 2 with Dotnet core 2 Angular 4 spa template

With Dotnet core 2, Microsoft included new Single-Page-Application (SPA) templates for client-side javascript frameworks like Angular, React etc.. In this blog post, I’m going over the steps that require integrating Angular Material 2 into the Angular 4 web application created using dot net core 2.0 angular spa template.

TypeScript

The web applications that created from Dotnet core spa templates (anglar, react etc..) contain a folder called “ClientApp”. This folder holds all the javascript framework components. These applications use TypeScript by default.

Webpack

Webpack is a module bundler, it takes modules with dependencies and generates static assets representing those modules. Read more about Webpack in this link

The SPAs now support webpack module bundler right out of the box. Web pack runs as part of the build and it does minifications of Javascript and css files as well.
In dotnet core spa template, webpack.config.vendor.js defines all the modules that are relevant to the application. You can add your own css/javascript files to this configuration file. We will use this file to include material javascript components and material theme files. The webpack.config.js file defines all the rules for bundling file, you can add your own rule here as well.
Read More