How to handle JWT in ASPNET Core MVC
Question
I have an ASPNET Core API handling Identity Framework, but I also have another web application using ASPNET MVC and I wish to handle sessions / identity using the same API I already have managing Identities.
How do I manage JWT in my Controllers that I want to markup with [Authorize] or that require a Role that may be retreived using Claims?
I've tried to find examples related to this but I only get content about the API using a mixup of MVC Core on the same API using Views.
I would like to give my users the refresh token button(handled perhaps an AJAX?) and the span-length of X minutes for example before they require to refresh to get a new token
1 answers
solution1
1 ACCPTED 2021-01-14 06:42:40
You have put the authentication on api, so you don't have to consider identity in MVC. I suggest that api only consider authentication and protected resources, MVC only considers interaction with users.
Configure jwt in api, and use [Authorize] to protect authorized resources in api. Save the authenticated token in a cookie or session.
About refresh token, you can extend the expire time with ajax.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.