Anas TINA

asked on

I need to do authentication for WCF Services using JWT

Hi,
We need to authenticate our system users. The system architecture is 3-tier, as follows:

Storage server: MS SQL Server
Application server: WCF services hosted in IIS
Presentation: Website built using AngularJS, Mobile App.

I searched the web and found that JWT is useful for this purpose.
I found many frameworks such as https://identityserver.io/

BUT we need NOT to depend on any framework.

Please collaborate by adding code, configuration,... snippets to do the authentication.
PLEASE no external URLs.

Note: we are using the .Net framework 4.8
Julian Hansen

"BUT we need NOT to depend on any framework."
Angular IS a framework.

All JWTs are, are encoded tokens that you store in local storage and pass back with each HTTP request to the server.

You can use JWTs or you can create your own token.

When the user logs on - create a random token and assign it to that user.
Return the token as part of the login process.
On the client, store the token in localStorage (or a cookie).
If using localStorage, then add an AngularJS method to preprocess outgoing HTTP requests - in there you add the token to your header using the Authorization key.
On the server you check for that Authorization header - extract the token and match it against your user base - if there is a match the user is authenticated.
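The login and server-side steps above, sketched for the JWT case using only .NET Framework classes. This is an added example, not code from the thread: the class and method names are hypothetical, HS256 is an assumed algorithm choice, and the key is assumed to be a random secret of at least 32 bytes that never leaves the application server.

```csharp
using System;
using System.Collections.Generic;
using System.Security.Cryptography;
using System.Text;
using System.Web.Script.Serialization; // System.Web.Extensions.dll, ships with .NET Framework

public static class Hs256Jwt {
    static readonly DateTime Epoch = new DateTime(1970, 1, 1, 0, 0, 0, DateTimeKind.Utc);
    static string B64Url(byte[] b) =>
        Convert.ToBase64String(b).TrimEnd('=').Replace('+', '-').Replace('/', '_');
    static byte[] FromB64Url(string s) {
        s = s.Replace('-', '+').Replace('_', '/');
        return Convert.FromBase64String(s.PadRight(s.Length + (4 - s.Length % 4) % 4, '='));
    }
    static byte[] Sign(string data, byte[] key) {
        using (var h = new HMACSHA256(key)) return h.ComputeHash(Encoding.UTF8.GetBytes(data));
    }
    static Dictionary<string, object> Parse(string part) =>
        new JavaScriptSerializer().Deserialize<Dictionary<string, object>>(
            Encoding.UTF8.GetString(FromB64Url(part)));

    // Called by the login operation after the password check has succeeded.
    public static string Issue(string user, TimeSpan life, byte[] key) {
        var claims = new Dictionary<string, object> {
            { "sub", user }, { "exp", (long)(DateTime.UtcNow + life - Epoch).TotalSeconds } };
        var input = B64Url(Encoding.UTF8.GetBytes("{\"alg\":\"HS256\",\"typ\":\"JWT\"}")) + "."
                  + B64Url(Encoding.UTF8.GetBytes(new JavaScriptSerializer().Serialize(claims)));
        return input + "." + B64Url(Sign(input, key));
    }

    // Returns the user name, or null when the token must be rejected.
    public static string Validate(string token, byte[] key) {
        try {
            var p = (token ?? "").Split('.');
            // Pin the algorithm; never let the token header choose it.
            if (p.Length != 3 || !"HS256".Equals(Parse(p[0])["alg"] as string)) return null;
            byte[] want = Sign(p[0] + "." + p[1], key), got = FromB64Url(p[2]);
            int diff = want.Length ^ got.Length; // compare every byte, no early exit
            for (int i = 0; i < want.Length && i < got.Length; i++) diff |= want[i] ^ got[i];
            if (diff != 0) return null;
            var claims = Parse(p[1]); // only read claims after the signature checks out
            if (DateTime.UtcNow >= Epoch.AddSeconds(Convert.ToInt64(claims["exp"]))) return null;
            return claims["sub"] as string;
        } catch (Exception) { return null; } // bad Base64/JSON or a missing claim
    }
}
```

Assuming the service is exposed over webHttpBinding, the header value can be read from WebOperationContext.Current.IncomingRequest.Headers["Authorization"]; strip the leading "Bearer " before passing the rest to Validate.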
Anas TINA

ASKER

Could you please share code, configurations ...

angular.module('app').config(['$httpProvider', function ($httpProvider) {
  // Register an interceptor that runs on every outgoing $http request
  $httpProvider.interceptors.push(function () {
    return {
      request: function (config) {
        config.headers = config.headers || {};
        // Token that was saved in localStorage during login
        var token = localStorage.getItem('token');
        if (token) {
          // Note the space after "Bearer": the scheme and the token are separate fields
          config.headers.Authorization = 'Bearer ' + token; // see note below (**)
        }
        return config;
      }
    };
  });
}]);


** assuming you are using a Bearer token header - there are many ways of passing this value - you decide how you want to pass it and how you want to receive it (assuming you are in control of the server process).

The above code demonstrates how to add a token to the header of each outgoing http request.

As part of your login process you store the token in local storage.

Could you please share the code of server side (C#)?

Unfortunately I cannot - I work primarily with JavaScript frameworks and have little .Net experience on Web (lots on Forms and WPF - but not much on the web side)

However this is a very very very common requirement - you should be able to find a significant amount of information on how to do this through a google search.

Search for
C# Authorization bearer token
as a start

Thanks Julian,


Will do google search, and waiting for other experts to comment.

We have some projects using JWT authentication in .NET recently, but I can't really share the source code with you as it was done by the engineer from my company's business partner.

However, I do believe we are referring to https://jwt.io/ where the solutions were built based on the .NET libraries that are mentioned on that website.

Could someone provide me guidance on integrating JWT in my backend server?

Did you try searching
C# JWT

I found many articles such as this one
https://stackoverflow.com/questions/40281050/jwt-authentication-for-asp-net-web-api

Then there is JWT home https://jwt.io/

There are many code examples out there on how to integrate JWT into C# - it is not feasible to recreate those examples here. What will work better is for you to look at what is online and try to implement and then come back here with specific problems you are having, posting code.