Secured using Cookies, and OpenID Connect Hybrid Flow. Cookies configured with Same site and use Anti-forgery protection. Security headers are also applied.
2020-01-10 Updated nuget packages, same site fix
2019-12-21 Updated to .NET Core 3.1 Angular 8.2.14
2019-09-26 Updated to .NET Core 3.0 Angular 8.2.8
2019-09-14 Updated to .NET Core 3.0 preview 9, Angular 8.2.6
2019-08-27 Updated to .NET Core 3.0, Angular 8.2.3
2019-06-14 Updated to npm, nuget packages
2019-05-03 Updated to npm, nuget packages, in-process
2019-03-15 Updated to Angular 7.2.9, .NET Core 2.2
2018-09-17 Updated to Angular 6.1.7, latest .NET 2.1 packages, updated STS
2018-06-16 Updated to Angular 6.0.5
2018-06-16 Updated to ASP.NET Core 2.1
2017-09-22 Updated to ASP.NET Core 2.0, Angular 4.4.3
- Using Angular in an ASP.NET Core View with Webpack
- Secure ASP.NET Core MVC with Angular using IdentityServer4 OpenID Connect Hybrid Flow
- Anti-Forgery Validation with ASP.NET Core MVC and Angular
https://docs.microsoft.com/en-us/aspnet/core/security/anti-request-forgery?view=aspnetcore-2.2
https://stackoverflow.com/questions/46040922/angular4-httpclient-csrf-does-not-send-x-xsrf-token