Token Based Authentication in ASP.Net using JWTs Part 2: Using Refresh Tokens

In Part 1 we setup basic token authentication using JWT’s with  Things are setup reasonably but all is not well.  As a developer, you could give the token a lifespan of 30 days and just force the user to re-login after those days but what if you make the user inactive and don’t want him to login anymore?  There must be better way.AJ

Generally, I token has a lifetime of about an hour and when it expires, we want to refresh that token, verifying that the user still has access to the system, etc.  The method that this is handled is using refresh tokens.  A refresh token is returned along with the normal token and it’s stored for when we must refresh normal token.

Starting from our previous app, let’s support refresh tokens.  Note, the completed code for this blog can be found here.

This will require us to track refresh tokens in our database, so first, let’s create the RefreshToken model.

Continue reading “Token Based Authentication in ASP.Net using JWTs Part 2: Using Refresh Tokens”

Simplify Asynchronous Calls in .NET

misc3_bgSince .Net 4.5, the async/await pattern has been a great tool to simplify asynchronous calls.  However, in WPF I frequently need to make async calls from a non-async function or event.  Often, this happens because I’m overriding a virtual function in an inherited class of a framework that I’m using and that function is synchronous.  To help with this, I created an async helper class:

Continue reading “Simplify Asynchronous Calls in .NET”

User Information in SharePoint Foundation

Mike BerrymanSharePoint Foundation does not have a User Profile Service, so how are users managed?

It turns out that there is a hidden system list on SharePoint Foundation (actually all versions of SharePoint, but much more useful in SharePoint Foundation).  To view this list, you simply visit http://<YourSharePointSite>/_catalogs/users/simple.aspx or details.aspx.

Continue reading “User Information in SharePoint Foundation”

Dual Login Method for Sharepoint

Mike BerrymanI recently had a client with a unique situation regarding logging in to their Sharepoint environment.  Without going into too much boring detail, the bottom line was the client needed to allow their Active Directory users to log in to a Sharepoint site that only used Forms-Based Authentication.  (Sidenote: If you’re truly curious, the Sharepoint site itself wasn’t actively denying people using windows credentials.  The problem was that the browser the client’s AD users were using to access this particular Sharepoint site didn’t play well with windows credentials).

Continue reading “Dual Login Method for Sharepoint”

Disappearing Page Elements and DXImageTransform

Mike BerrymanI was building a pseudo-report for a client using javascript to dynamically construct the report right on the page when I ran into a perplexing little bug.  What I was essentially doing was creating a timeline using a div with a short height and a wide width, then using absolute positioning to place some child elements of the div (images of an arrow) outside of the div at key points along the “timeline”.  All through my development, this worked absolutely fine, until I was nearing completion.  I launched the report to the client site and brought it up for testing, and all the child elements of the timeline div had disappeared!

Continue reading “Disappearing Page Elements and DXImageTransform”