{"id":15549273,"url":"https://github.com/adityaoberai/rolebasedauthsample","last_synced_at":"2025-05-06T22:23:06.101Z","repository":{"id":205852384,"uuid":"715153062","full_name":"adityaoberai/RoleBasedAuthSample","owner":"adityaoberai","description":"ASP.NET Web API sample to showcase RBAC via JWTs in .NET 8","archived":false,"fork":false,"pushed_at":"2023-11-16T06:14:32.000Z","size":13766,"stargazers_count":17,"open_issues_count":0,"forks_count":9,"subscribers_count":1,"default_branch":"main","last_synced_at":"2025-04-19T15:35:46.395Z","etag":null,"topics":["authentication","dotnet","dotnet-8","jwt","security"],"latest_commit_sha":null,"homepage":"","language":"C#","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/adityaoberai.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE.txt","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2023-11-06T15:25:11.000Z","updated_at":"2025-01-31T22:34:15.000Z","dependencies_parsed_at":null,"dependency_job_id":"34d65be6-1b85-4f42-9b84-26f18f80633f","html_url":"https://github.com/adityaoberai/RoleBasedAuthSample","commit_stats":null,"previous_names":["adityaoberai/rolebasedauthsample"],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/adityaoberai%2FRoleBasedAuthSample","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/adityaoberai%2FRoleBasedAuthSample/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/adityaoberai%2FRoleBasedAuthSample/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/reposito
ries/adityaoberai%2FRoleBasedAuthSample/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/adityaoberai","download_url":"https://codeload.github.com/adityaoberai/RoleBasedAuthSample/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":252777382,"owners_count":21802592,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["authentication","dotnet","dotnet-8","jwt","security"],"created_at":"2024-10-02T13:33:27.837Z","updated_at":"2025-05-06T22:23:06.076Z","avatar_url":"https://github.com/adityaoberai.png","language":"C#","readme":"# Role Based Auth Sample - .NET Conf 2023\n\n## Description\n\nThe **Role Based Auth .NET Sample** is a **sample ASP.NET Web API** to help understand how role-based authentication can be implemented via JWTs in a **.NET 8** application. 
It utilizes an **InMemory database** using **Entity Framework Core** for storing user data and the **Argon2** hashing algorithm for hashing passwords.\n\n### .NET Conf 2023\n\nThis sample was created for Aditya Oberai's talk at .NET Conf 2023.\n\nYou can download the presentation [here](AdityaOberai-DotNetConf-2023.pptx)\n\n## Understanding the API\n\nThe API has 1 controller:\n\n- **AuthController**: Contains the login, registration, and test APIs\n\n### AuthController\n\nThe `AuthController` contains the login, registration, and test APIs we are using to get and try the JWT token authentication.\n\n* POST `/auth/login`\n\n    * Returns the JWT token along with the user information from the database after the user enters their email and password.\n    * Post Http Request Link: `https://\u003cYOUR-DOMAIN:PORT\u003e/auth/login`\n    * Request Body Example:\n\n        ```json\n        {\n            \"userName\": \"adityaoberai1\",\n            \"password\": \"test1234\"\n        }\n        ```\n\n    * Response Example:\n\n        ```json\n        {\n            \"userName\": \"adityaoberai1\",\n            \"name\": \"Aditya Oberai\",\n            \"roles\": [\n                \"User\",\n                \"Admin\"\n            ],\n            \"isActive\": true,\n            \"token\": \"eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1bmlxdWVfbmFtZSI6ImFkaXR5YW9iZXJhaTEiLCJnaXZlbl9uYW1lIjoiQWRpdHlhIE9iZXJhaSIsInJvbGUiOlsiVXNlciIsIkFkbWluIl0sIm5iZiI6MTY5OTI3OTQyNywiZXhwIjoxNjk5MjgxMjI3LCJpYXQiOjE2OTkyNzk0MjcsImlzcyI6IlRlc3RJc3N1ZXIiLCJhdWQiOiJUZXN0QXVkaWVuY2UifQ.d9bAAqm1iHWmf7klIBWA2tFf2Pkvzfkee1lBvhv0_Ag\",\n            \"password\": \"$argon2id$v=19$m=65536,t=3,p=1$gFcsc5mOvzCclGj+o2CqeQ$TBCPrC6HW1+kCmtCc7vai9JJv3SOgPQK/mMjiJf7X8M\"\n        }\n        ```\n         \n        \u003e Note: Token returned will be different from the example\n\n* POST `/auth/register`\n\n    * Adds the user's details to the database and returns the JWT token along with the user information 
after the user enters their information.\n    * Post Http Request Link: `https://\u003cYOUR-DOMAIN:PORT\u003e/auth/register`\n    * Request Body Example:\n\n        ```json\n        {\n            \"name\": \"Aditya Oberai\",\n            \"userName\": \"adityaoberai1\",\n            \"password\": \"test1234\",\n            \"role\": [\n                \"User\", \n                \"Admin\"\n            ]\n        }\n        ```\n\n    * Response Example:\n\n        ```json\n        {\n            \"userName\": \"adityaoberai1\",\n            \"name\": \"Aditya Oberai\",\n            \"roles\": [\n                \"User\",\n                \"Admin\"\n            ],\n            \"isActive\": false,\n            \"token\": null,\n            \"password\": \"$argon2id$v=19$m=65536,t=3,p=1$gFcsc5mOvzCclGj+o2CqeQ$TBCPrC6HW1+kCmtCc7vai9JJv3SOgPQK/mMjiJf7X8M\"\n        }\n        ```\n\n* GET `/auth/test`\n\n    * Returns claims from the JWT sent as the **Bearer token** in the `Authorization` header with **User** role.\n    * Get Http Request Link: `https://\u003cYOUR-DOMAIN:PORT\u003e/auth/usertest`\n    * Request Header Example:\n\n        ```\n        Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1bmlxdWVfbmFtZSI6ImFkaXR5YTEiLCJnaXZlbl9uYW1lIjoiQWRpdHlhIE9iZXJhaSIsInJvbGUiOiJVc2VyIiwibmJmIjoxNjk5Mjc5NjA2LCJleHAiOjE2OTkyODE0MDYsImlhdCI6MTY5OTI3OTYwNiwiaXNzIjoiVGVzdElzc3VlciIsImF1ZCI6IlRlc3RBdWRpZW5jZSJ9.JpCzjncNg14Ptx1c1fRt4fZmUAIcuBSowL_WoVYZo6s\n        ```\n    \n    * Response Example:\n\n        ```\n        List of Claims: \n\n        unique_name: aditya1\n        given_name: Aditya Oberai\n        role: User\n        nbf: 1699279606\n        exp: 1699281406\n        iat: 1699279606\n        iss: TestIssuer\n        aud: TestAudience\n        ```\n\n## Steps to Setup\n\n- Clone the repository and enter the directory\n- Run the command `dotnet restore`\n- Run the command `dotnet 
run`","funding_links":[],"categories":[],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fadityaoberai%2Frolebasedauthsample","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fadityaoberai%2Frolebasedauthsample","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fadityaoberai%2Frolebasedauthsample/lists"}