Token Based Auth in ASP.NET Core 2 Part 2: Refresh Tokens

In my last post, I discussed how to setup JWT’s in ASP.NET Core 2.  In this post, I’ll extend that example, adding the ability to refresh the JWT when it expires (i.e. refresh tokens).  A refresh token will be returned with the JWT when the user logs in.  And this new token will be used to refresh the JWT when it expires.  We’ll simply create another middleware that handle’s the refresh token.AJ

Continuing from my previous post, I’ll add refresh tokens to the application.  The source code for this demo can be found here. Continue reading “Token Based Auth in ASP.NET Core 2 Part 2: Refresh Tokens”

Token Based Authentication Using Asp.Net Core 2.0

ASP.Net Core 2.0 came out recently and there were quite a few changes to the


authentication scheme.  In this article, I’ll talk about how to setup token based authentication using JWT’s in ASP.Net Core 2.0.  We’ll use the Identity system to handle authentication, and Entity Framework to access an MS SQL backend.  NOTE: you will probably need to install the .Net Core 2.0 Libraries.

The source code for this can be found here. Continue reading “Token Based Authentication Using Asp.Net Core 2.0”

Token Based Authentication in ASP.Net using JWTs Part 2: Using Refresh Tokens

In Part 1 we setup basic token authentication using JWT’s with  Things are setup reasonably but all is not well.  As a developer, you could give the token a lifespan of 30 days and just force the user to re-login after those days but what if you make the user inactive and don’t want him to login anymore?  There must be better way.AJ

Generally, I token has a lifetime of about an hour and when it expires, we want to refresh that token, verifying that the user still has access to the system, etc.  The method that this is handled is using refresh tokens.  A refresh token is returned along with the normal token and it’s stored for when we must refresh normal token.

Starting from our previous app, let’s support refresh tokens.  Note, the completed code for this blog can be found here.

This will require us to track refresh tokens in our database, so first, let’s create the RefreshToken model.

Continue reading “Token Based Authentication in ASP.Net using JWTs Part 2: Using Refresh Tokens”

IBS Solutions Group Presents .NET Core to Development User Group in Lansing, MI

Joseph DotsonOn Thursday, I traveled to the TechSmith Corporation in the Lansing, Michigan area to deliver a presentation about .NET Core, Microsoft’s newest open source cross-compatibility framework.

At the presentation, I discussed some of the platform’s features and functionality, such as dependency injection, logging, user roles/identities, and use cases.

Continue reading “IBS Solutions Group Presents .NET Core to Development User Group in Lansing, MI”

Codemash 2016 – Humanitarian Toolbox

Rick HerrmannFor the second Codemash pre-compiler day I spent the full day working on the Humanitarian Toolbox project @htbox) with Bill Wagner (@billwagner) and Tony Surma (@tonysurma) and 5 other developers.

What is it?

The Humanitarian Toolbox is an open source non-profit organization, that creates software for disaster response teams. To kick things off, Tony gave us an overview of the projects and we pulled the code from GitHub.

Continue reading “Codemash 2016 – Humanitarian Toolbox”

Spacial Data in SQL Server

3It’s not very often which you deal with spacial data in SQL. In fact, I find it to be a very rare occurrence, but when it does happen, it’s nice to know that there are two libraries for it: geometry (which is for Euclidean Geometry) and geography (which uses lat/long, and takes into account the curvature of the earth).

Continue reading “Spacial Data in SQL Server”

Compatibility Switches

3In the new version of .NET (version 4.6), Microsoft came out with AppContext. This little class has two methods: SetSwitch and TryGetSwitch.

The idea behind these two methods is to allow op-out functionality of new features. If for example, you want to change the format of the logs your library creates. You can have a switch called “Switch.MyLibrary.UseOldLogStyle” that allows the user to keep using the old format. This is great if the end user has some automation parsing the existing logs, and don’t want their parser to break.

Continue reading “Compatibility Switches”