/FullstackAuth0

Kolejna próba implementacji ASP.NET Core + Angular + Auth0

Primary LanguageTypeScript

Fullstack Auth0

API Configuration

  1. Create ASP.NET Core Resource API project.
  2. To be able to use different ports for API and Client you need to enable CORS in ASP.NET. You will do it adding to Startup.cs:
public void ConfigureServices(IServiceCollection services){
...
services.AddCors(o =>
    o.AddPolicy("MyPolicy", builder => { builder.AllowAnyHeader().AllowAnyMethod().AllowAnyOrigin(); }));
}

public void Configure(IApplicationBuilder app, IWebHostEnvironment env){
...
app.UseCors(options => options.AllowAnyHeader().AllowAnyMethod().AllowAnyOrigin());
app.UseEndpoints(endpoints => { endpoints.MapControllers(); });
}
  1. Create new API on Auth0 page, with https://localhost:5001 audience (desired api link).
  2. In ASP.NET Core Startup.cs file add the following:
public void ConfigureServices(IServiceCollection services)
{
    services.AddControllers();
services.AddAuthentication(options =>
        {
            options.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
            options.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
        }
    )
    .AddJwtBearer(options =>
    {
        options.Authority = "https://your_auth0_url.auth0.com";
        options.Audience = "https://localhost:5001";
    });
}
  1. Add [Authorize] to routes you want to limit access to.
[Route("private")]
[HttpGet]
[Authorize]
public ActionResult GetPrivate()
{
    return StatusCode(200);
}