bearer-token

问题 I have a web application. My requirement is that i need to generate oauth2 bearer token on every login. Currently we are using thinktecture to generate token, but this procedure is taking almost 7 seconds to generate token everytime. Is there any way i can generate token without using thinktecture ? 回答1: If you have created a new ASP.NET Web Application -> Web API with Individual User Accounts . Have a look at App_Start -> Startup.Auth.cs . It should contain something like this:

问题 I am currently trying to use 2 different bearer tokens in a .net core 2.2 app. I would like to use an Identity Server token and an Azure AD bearer token. According to Microsoft this is possible (https://docs.microsoft.com/en-us/aspnet/core/security/authorization/limitingidentitybyscheme?view=aspnetcore-2.2) but I am having no success getting it working. I have the Identity Server token as the "default" authentication followed by the AzureAD token as documented in the aforementioned link:

问题 A request using the Authorization: bearer [token] can be used for authentication? or Should we use another method to authenticate a client and issue a token then use the token as a bearer token like OAuth2 does? Why popular web services(e.g. Github, AWS, Google..) uses other method(like AWS does: Authorization: AWS4-HMAC-SHA256 Credential=... ) to authenticate a client. The point of the question is: is there any valunerables or violation of standards in the following flow or not. I would like

问题 Long story short. I have a login form in the header on every single page, when I log in successfully it works fine but when the user is incorrect for example it redirects to the default login page (a view that was originally created with MVC project) with the model errors. I don't want to do that, I want to show errors next to the login form without redirecting. So I decided to implement a login via WEB API - i.e. it does $.ajax jQuery request to the Login API Controller, tries to log user in

问题 We are using identity server 4 to protect the api/resources. One of the requirements is to trace the user activity which means, the last time the user consumed the api (not logged in but consumed). As we have 30+ apis, we thought it would be easrier to intercept this validation process/event to register in the database the last activity date once the token gets validated against the identity server . My question here, does this validation really happens on identity server level each and every

问题 I'm new to asp.net core. I'm trying to make a small web service using jwt authentication and OpenOauth from Google , Facebook, ... I've read this post : https://stormpath.com/blog/token-authentication-asp-net-core This post is about authenticating with jwt in ASP.Net core, but, I also want to verify whether the user is disabled or active in my system . My db has one table with 4 columns: Id, Name, Password, Status (0 - Disabled | 1 - Active). How can I archieve my goal ? Can anyone help me

问题 I am currently trying to convert a VueJS page to NuxtJS with VueJS. Unfortunately I have some problems with authenticating the user and I can't find a solution in Google. I only use Nuxt for the client. The API is completely separate in express and works with the existing VueJS site. In Nuxt I send now with the Auth module a request with username and password to my express Server/Api. The Api receives the data, checks it, and finds the account in MongoDB. This works exactly as it should. Or

问题 I have a .NET MVC and WEB API project. I want to call the WEB API controllers from javascript but I didn't find a way to send the token to my views. I want to add the bearer token in Viewbag variable, using the below code: protected override void OnActionExecuting(ActionExecutingContext filterContext) { //GetBearerToken doesn't exists ViewBag.BearerToken = Request.GetOwinContext().GetBearerToken(); } In _Layout.cshtml , I added the folowing code to set Authorization header for all ajax

问题 I have a Web API with authentication enabled (bearer token). This is called by a client application and I want to protect it from anonymous usage so I would like to create a single user and create a bearer token for it. I can create the token by calling the register and token methods, but I would like to do this from code. As far as I know, the bearer token is not stored in the database. Can it be retrieved somehow using the ASP.NET Identity API ? I would also like to create this user from

问题 For the first time I'm creating Authorization in ASP.NET Core. I used tutorial from here TUTORIAL The problem is when I sending request from postman: Authorization:Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6I... to my method in controller decorated with [Authorize] attribute. I receive 401 Unauthorized always... I saw comments bellow that tutorial and it seems that some people have similar issue also. I've no idea how I can solve this problem. 回答1: At the request of others here is the answer: The