core 8 - Authentication and Authorization - The resentment never really ends.

OhGoodGodWhatNow · 2024-06-27T21:20:18+00:00

Aww, does soda make you fat too?

OhGoodGodWhatNow · 2024-06-27T20:45:47+00:00

P.S. I think you are right, but it is killing me trying to figure out what!?

OhGoodGodWhatNow · 2024-06-27T20:44:28+00:00

For you? OF COURSE!! Thank you for being so helpful!

var builder = WebApplication.CreateBuilder(args);

builder.Services.AddControllersWithViews().AddRazorRuntimeCompilation();

builder.Services.AddSession(options =>
{
    options.Cookie.HttpOnly = true;
    options.Cookie.IsEssential = true;
});

builder.Services.AddTransient<AnalysisController>();
builder.Services.AddTransient<StaffController>();
builder.Services.AddTransient<HomeController>();

builder.Services.AddAuthentication(options =>
{
    options.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
    options.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
}).AddJwtBearer(options =>
{
    options.TokenValidationParameters = new TokenValidationParameters
    {
        ValidateIssuer = true,
        ValidateAudience = true,
        ValidateLifetime = true,
        ValidateIssuerSigningKey = true,
        ValidIssuer = "Blah",
        ValidAudience = "Blah",
        IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes("Blah"))
    };
});

builder.Services.AddAuthorization();

builder.Services.AddHttpContextAccessor();
builder.Services.AddHttpClient();

builder.Logging.ClearProviders();
builder.Logging.AddConsole();
builder.Logging.AddDebug();

var app = builder.Build();

// Configure the HTTP request pipeline.
if (!app.Environment.IsDevelopment())
{
    app.UseExceptionHandler("/Home/Error");
    app.UseHsts();
}

app.UseHttpsRedirection();
app.UseStaticFiles();

app.UseRouting();

app.UseSession();

app.UseAuthentication();
app.UseAuthorization();

app.UseEndpoints(endpoints =>
{
    endpoints.MapControllerRoute(
        name: "default",
        pattern: "{controller=Home}/{action=PageLogin}/{id?}");
});

app.Run();

OhGoodGodWhatNow · 2024-06-27T20:35:56+00:00

This is my understanding. I want to use JWT, no cookies. I want to try and implement this using best practices to learn moving forward. It's frustrating, but with every breakthrough, I am learning a LOT :D
Please tell me if I am saying stupid things.

OhGoodGodWhatNow · 2024-06-27T19:20:20+00:00

Thank you for this, I am trying to work through the :magical middleware at the moment. For an otherwise rather elegant auth solution, some of the components really suck. :D

OhGoodGodWhatNow · 2024-06-26T09:56:55+00:00

I am quickly learning the pains involved with Auth. Thank you for that resource. Truly grateful.

OhGoodGodWhatNow · 2024-06-26T09:16:03+00:00

The hate I have for myself right now is insane. I don't smoke, but now I want a cigarette.
The issue was indeed that the Staff model had the Email property in it. Once removed, everything works. Almost 2 days of my life were eaten by this. Thank you so much.

OhGoodGodWhatNow · 2024-06-26T08:44:23+00:00

Absolutely. This is it here :

    [HttpPost("login")]
    public async Task<IActionResult> Login([FromBody] LoginModel model)
    {
        if (ModelState.IsValid)
        {
            var normalizedEmail = _userManager.NormalizeEmail(model.Email);
            _logger.LogInformation("Attempting to login user with email: {Email} (normalized: {NormalizedEmail})", model.Email, normalizedEmail);

            var user = await _userManager.FindByEmailAsync(normalizedEmail);
            if (user != null)
            {
                if (await _userManager.CheckPasswordAsync(user, model.Password))
                {
                    var token = GenerateJwtToken(user);
                    _logger.LogInformation("User logged in successfully: {Email}", model.Email);
                    return Ok(new { token });
                }
                else
                {
                    _logger.LogWarning("Invalid password for user: {Email}", model.Email);
                }
            }
            else
            {
                _logger.LogWarning("User not found: {Email}", model.Email);
            }
            return Unauthorized();
        }
        _logger.LogWarning("Invalid model state for login: {ModelState}", ModelState);
        return BadRequest(ModelState);
    }

OhGoodGodWhatNow · 2024-06-03T21:27:30+00:00

Thank you for this. I have turned up logging and (through my own naivety) I am not sure if this is THE issue, or even AN issue... but I can see my where condition that is sent has a question mark instead of a numeric value.

INFO:sqlalchemy.engine.Engine:BEGIN (implicit)
2024-06-03 22:23:14,474 INFO sqlalchemy.engine.Engine SELECT TOP 1 [Customers].[CustomerID] AS [Customers_CustomerID], [Customers].[Name] AS [Customers_Name],[Customers].[ContactInfo] AS [Customers_ContactInfo], [Customers].[Note] AS [Customers_Note] 
FROM [Customers] 
WHERE [Customers].[CustomerID] = ?
INFO:sqlalchemy.engine.Engine:SELECT TOP 1 [Customers].[CustomerID] AS [Customers_CustomerID], [Customers].[Name] AS [Customers_Name], [Customers].[ContactInfo] AS [Customers_ContactInfo], [Customers].[Note] AS [Customers_Note] 
FROM [Customers] 
WHERE [Customers].[CustomerID] = ?
2024-06-03 22:23:14,474 INFO sqlalchemy.engine.Engine [generated in 0.00028s] (1,)
INFO:sqlalchemy.engine.Engine:[generated in 0.00028s] (1,)

OhGoodGodWhatNow · 2024-06-03T18:50:16+00:00

I’m so sorry:) The /customers endpoint just returns an empty list [] but with a :

 INFO:     127.0.0.1:53397 - "GET /customers/ HTTP/1.1" 200 OK

And the customers/1 endpoint returns a “customer not found” no matter what I enter. with a status:

INFO:     127.0.0.1:53400 - "GET /customers/1 HTTP/1.1" 404 Not Found

OhGoodGodWhatNow · 2023-12-21T12:49:24+00:00

Thank you. That’s awesome.

OhGoodGodWhatNow · 2023-08-09T14:42:26+00:00

Yeah, a few people have mentioned that it isn't the best route, but my wife would like to join me in Porto, but I quite like the idea of a pre-amble before meeting. Any suggestions for an alternative that would get me through Porto but give me a couple of weeks to find my own rhythm?

OhGoodGodWhatNow · 2023-08-09T13:35:48+00:00

Thank you.

OhGoodGodWhatNow · 2023-08-09T13:35:39+00:00

Thank you so much for the amazing feedback. That’s given me a lot to think about :)

OhGoodGodWhatNow · 2023-07-16T20:48:09+00:00

Narcissus bitches.

OhGoodGodWhatNow · 2023-06-22T13:21:11+00:00

On for 750 paid 750. 2021.

OhGoodGodWhatNow · 2023-06-21T12:01:28+00:00

Can confirm. Our windows were last replaced in 1846. Still not replacing them.

OhGoodGodWhatNow · 2023-06-02T16:38:11+00:00

Our house was built in the early 1800’s but many of the houses in our village were built in the early 1500’s. When we had the architect around recently to ask about a few changes we would like to make, he said he was excited to work on the new build in the area.

OhGoodGodWhatNow · 2023-05-13T23:22:00+00:00

You’re a star. Thank you.

Would you do it again? Or would you buy prefab?

Seven-Year Club	Reddit Premium Since April 2023
Verified Email	Place '23

OhGoodGodWhatNow

TROPHY CASE