Code Maze Author
MY ARTICLES:
In the second part of this series, we were talking about securing Web API. But, we used the ResourceOwnerPassword and the ClientCredentials flows and Postman as a client. But now, we have our MVC client application, secured with the Hybrid Flow, which requires access...
We can use claims to show identity-related information in our application but, we can use it for the authorization process as well. In this article, we are going to learn how to modify our claims and add new ones. Additionally, we are going to learn about the...
In this part of the series, we are going to learn how to secure our web application (a client application) by using the Hybrid flow. We are going to start by introducing our pre-created client application. Then, we are going to learn how to modify the in-memory...
We have set up our identity server but we lack UI for the users to enter their credentials. We’ve shown how we can retrieve our token but for better user experience, we have to add UI to our Authorization Server. So, adding IdentityServer4 UI is our goal for this...
In this article, we are going to learn about IdentityServer4 Integration with the ASP.NET Core project. We are going to start with some explanations related to JWT, OAuth, OpenIdConnect, and Endpoints, to get familiar with the basics. After the theory part, we are...
Using an external identity provider while login to the application is a quite common case. This enables us to log in with our external accounts like Google, Facebook, etc. By using ASP.NET Core Identity, we are going to see that this is not a hard process at all. So,...
The two-step verification is a process where a user enters credentials, and after successful password validation, receives an OTP (one-time-password) via email or SMS. Then, they enter that OTP in the Two-Step Verification form on our site to log in successfully. We...
The user lockout feature is a way to improve application security by locking out a user who enters a password incorrectly several times. This technique can help us in protecting against brute force attacks, where an attacker repeatedly tries to guess a password. In...
Email Confirmation is quite an important part of the user registration process. It allows us to verify the registered user is indeed an owner of the provided email. But why is this important? Well, let's imagine a scenario where two users with similar email addresses...
One of the common practices in user account management is to provide a possibility for the users to change their passwords if they forget it. The password reset process shouldn’t involve application administrators because the users themselves should be able to go...
Authentication is the process of confirming a user’s identity. It is a set of actions, we use to verify the user’s credentials against the ones in the database. For the user to be able to provide credentials, our application requires a Login page with a set of fields...
With ASP.NET Core Identity fully registered we can learn how to perform user registration actions in our project. User registration is the process of registering users in our application by saving their credentials in the database. So, in this article, we are going to...
In this article, we are going to learn about ASP.NET Core Identity implementation in the ASP.NET Core project. ASP.NET Core Identity is the membership system for web applications that includes membership, login and user data. But, it is not just a user store, it is...
In this article, we are going to learn how to send an email in ASP.NET Core. We are going to start with simple project creation and creating a basic email configuration. Once we are finished with that, we are going to install the required MailKit library and create...
In this article, we are going to learn about the ASP.NET Core built-in data protection mechanism, IDataProtector, which we can use to encrypt and decrypt our sensitive data. Encryption and decryption are not the only features we are going to cover. We will also show...
Selenium is a library that helps us automate browser behavior. We can use it for different purposes, but its primary use is for automated UI testing of web applications. In this article, we are going to use Selenium to write automated UI tests and with that finish our...
In the previous article, we have learned how to write integration tests for different actions (Index and Create), but while we were testing the Create (POST) action, we faced a problem with AntiForgeryToken validation. We skipped that problem by commenting out that...
In this article, we will learn about Integration Testing in ASP.NET Core. Additionally, we will prepare an in-memory database so we don’t have to use the real SQL server during integration tests. For that purpose, we will use the WebApplicationFactory class. [sc...
In the previous article, we learned how to write Unit Tests by using the xUnit and the different attributes that xUnit provides for us. We've also seen how to test validation rules inside a single validation class. But what about controllers and all the actions...
This is the first article from the series where we are going to present different topics related to unit testing with xUnit in ASP.NET Core. Before we start with unit testing with xUnit, we are going to give a brief overview of the xUnit tool and our starting project....