C
C#10mo ago
Kiel

❔ AuthZ/AuthN with ASP.NET Minimal APIs

What's the correct way to do authz/authn with minimal APIs in asp.net? I'm doing both of those things based on the provided Authorization header, which is an API token of the format: 
+              Hashed ID portion                       Generated cryptographic portion  
MQAzADIAMwA0ADkANAAzADkANQAwADYAMwA4ADIAOAA0ADgA.EFujxWr7BQRRBkiVEmJozkcGMjtIbAbOjQdQiw7GB+Q=
+              Hashed ID portion                       Generated cryptographic portion  
MQAzADIAMwA0ADkANAAzADkANQAwADYAMwA4ADIAOAA0ADgA.EFujxWr7BQRRBkiVEmJozkcGMjtIbAbOjQdQiw7GB+Q=
AuthZ will be treating the hashed ID like a username and the cryptographic portion like an auto-generated password to validate a user's identity. AuthN will be simply validating that the (unhashed) ID matches the ID in the route the user is requesting. What's the simplest (but still correct) way to do this? the article I read went wayyy over my head and looked designed for much more complicated solutions so maybe if someone else were to explain it I'd hopefully understand. I'm unsure if it's just as simple as me implementing my own IAuthorizationService/IAuthenticationService thonk2
1 Reply
Accord
Accord10mo ago
Looks like nothing has happened here. I will mark this as stale and this post will be archived until there is new activity.
Want results from more Discord servers?
Add your server
More Posts
✅ Need Help Finishing Up Installer C# Avalonia V11.0.2https://pastebin.com/gNG6t3Fd This is my current code with all the fluff text to be an example of w❔ C# extension is still BrokeyHello helpers of the C# discord. So, a few weeks ago there was a bug in the C# Extension of VSCode. new to c#when I run `dotnet run` this code ```using System; namespace project_acsv { class Program {✅ String search by user text input algorithmI have a list of some objects that have a "name" string, what is the best way to search for an objec