Authentication & Identity

Authentication & Identity

This project implements the required entities and endpoints to handle authentication and authorization.

There is JWT authentication and ApiKey authentication.

I use Microsofts Identity (opens in a new tab) package with EfCore as the backing store.
So you are completely in control of your user data.

There are also fully written endpoints to handle log in, registration, password reset, impersonation and more.

Features

  • Login
  • Register
  • Create an account for another user without password
  • Forgot password / Reset password
  • Impersonate a user
  • Update a user
  • Use JWT token for authentication
  • Identity fully configurable with settings like password security, need to confirm email etc
  • Human readable errors for all possible errors

Api Key Authentication

Your users can create api keys via the add-api-key endpoint.

Clients can then authenticate requests via the x-api-key header.

Final Thoughts

  • Short docs page, because I have written a lot more explanation and ToDo's for you in the actual code base than usual.
  • Auth is the part of any app that I find vary the most when using this template. Users, roles, tenants and access concepts are just very different across apps.
    This is a good starting point, but you will have to touch these endpoints.
  • Based mainly on Microsoft implementation.
  • Definitely check out FastEndpoints documentation for cookies, jwt refresh or other useful features.