stackoom
  简体   繁体   中英

Authentication for dotnet core SPA template

 原文  2019-01-08 22:27:39       asp.net-core/ .net-core

Question

I am using ASP.Net Core SPA templates to create a single page app. These templates do not have the options to select authentication options.

I would like configure the app to use OpenId Connect authentication (with AzureAd and other providers). I would like to avoid using Js libraries for authentication. Is this possible?

I tried to add the authentication pieces manually after creating the project, but that doesn't seem to be working.

2 answers

solution1
 1  2020-03-18 12:36:02

In Core2x this is a bit of work but you can do it.

In Core3 it's as simple as

dotnet new react --auth Individual --use-local-db

The --use-local-db parameter uses SQL Server instead of SQLite for the identity database. By default it will use localdb and create a database in the web root. This is unlikely to be what you want so

  • Create a blank database on your SQL Server
  • Update the connection string in appsettings.json to point at it
    • server= your server name ;database= your db name ;uid= your SQL username ;pwd= your SQL password
    • server= your server name ;database= your db name ;Integrated Security=True

Anyone unhappy about uid and pwd in a connection string? Now's your chance to explain how to use integrated security with an Azure SQL database.

Anyhow, this produces a feature complete UX for creating and managing identity. You can associate multiple identities with a single account, and you can even support multiple ADFS providers.

The transition between MVC and SPA is seamless. So far the only problem I've had is figuring out how to customise or style the canned UX.

solution2
 0  2019-01-08 22:38:25

If you are using NodeJs backend, you need to implement your authentication/authorization mechanism in SPA framework (such as Angular, React). You cannot expect otherwise.

If your APIs are on the same SPA application, you can implement authentication/authorization only for your back-end APIs. But for front-end you cannot rely on that.

The main point is, SPA is Single Page Appplication as it stands and ASP.Net (Core) makes Controller/Action based Authentication. SPA generally has only one starting (bootstrap) page. Thus, It cannot handle Authentication/Authorization by itself and It shouldn't

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question SignalR dotnet core authentication Authentication in .net Core with ReactJS SPA Want to add Hybrid Flow Authentication to the (dotnet) backend of a SPA Migrating Authentication from dotnet core 1.1 to dotnet core 2.0 Dotnet core Identity authentication with Azure AD Authentication with custom implementation of IAuthorizationPolicyProvider in dotnet core 3.1 DotNet Core Api - Different Authentication for specific endpoints .NET Core authentication on every request (including js / spa) ASP.NET Core SPA Vue Template vs Vue CLI Publishing ASP.NET Core 2 Angular 6 SPA Template Application
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM