I have created a project which on the client side uses ReactJS and on the server side .NET Core 3.1. I have API controllers, loggers, services, repositories etc.
Now I would like to add an Admin panel. I decided to add another .NET Core 3.1 project only for the admin panel and would like to use the same database and identity to control users.
The problem is that I'm not able to sign into the DB that is in use in first project... and I don't know really how to achieve that.
Or maybe I should add AdminLTE to main project - but how?
So, the problem was in my custom login page...in first project I decided to have login and password as a way to log in user.
In custom login there is an email instead of login to log in user.
And that is it.
Related
I'm familiar with the .Net and React applications individually. What I want to do is to create a hybrid app of MVC and React for SaaS. Below are the details,
.NET MVC application for our website (can't create this in react as
it is a website and intended to use for google crawl, SEO, and all)
Once users log in using the MVC application LOGIN form, I want to redirect
them to ReactApp which is basically a portion after login
I already have a website built using MVC. Now want to load React application after successful login
Note: This needs to be run under the same domain. No redirection to sub-domain or so. Although, we can have an additional paths like /user
Questions:
Is it possible to traverse users between both applications?
Is it possible to manage the same session between the two?
We have asp.net core(v3.0) Web API backend(no auth yet). A frontend is going to be a SPA(React).
A frontend basically will be an admin panel, it means the website's home page should be just the login page. We are planning on using IdentityServer4 for auth(separate project). If we create the IdentityServer4 project(MVC) it will have its own login form/page. Since opening our client website(react) login form should be opened, popout and iframe is not the way we are considering to use, what is the best way to accomplish this?
I've done some research and it seems it is possible to make our login form in react client and send the users login and password to IdentityServer4 if the client is set as ResourceOwnerPassword flow. But, it is not a secure and recommended way. I've read a lot of questions in SO and a lot of articles, but that is outdated and most of the samples are in IdentityServer4's repo is deprecated.
Questions:
Another way we are thinking is, on home page load, just redirect to the IdentityServer4 login page(MVC) and after login redirects back to our website. Is this a proper way of doing it? will the user see the redirection or it will not be much difference since the user opens our website and it seems like the home page?
What type of GrantType should I use for this case? Hybrid?
Is it possible to make a custom login page like in React?
What is the best way of implementing it?
Thanks for any advice, and my bad if the question is duplicated since I spend a couple of days to figure this out but couldn't.
Edit:
Now, IdentityServer4 with JavaScript client is available in IdneityServer4 official repositoty:https://github.com/IdentityServer/IdentityServer4/tree/master/samples/Quickstarts/4_JavaScriptClient
Also, I cloned and changed a little bit, so IdentityServer4 and WebApi are in a single project: https://github.com/Jamaxack/IdentityServerSPA
Is this a proper way of doing it? will the user see the redirection or it will not be much difference since the user opens our website and it seems like the home page?
That is recommended by redirecting user to identity provider's login page for sign-in , Resource Onwer Flow is not recommended as you said for security reasons.
What type of GrantType should I use for this case? Hybrid?
You can use Proof Key for Code Exchange (PKCE) which is already the official recommendation for native applications and SPAs . See Grant Types for more details .
Is it possible to make a custom login page like in React?
You can fully custmize the identity server's login user interface and identity management system , custmize the IdentityServer4.Quickstart.UI/ASP.NET Identity/Your own identity provider services .
In addition , ASP.NET Core 3.0 or later offers authentication in Single Page Apps (SPAs) using the support for API authorization. ASP.NET Core Identity for authenticating and storing users is combined with IdentityServer for implementing Open ID Connect :
https://learn.microsoft.com/en-us/aspnet/core/security/authentication/identity-api-authorization?view=aspnetcore-3.1
1) You can use a flow something like below
'First, load the react project. then check for the token/user object. If there is no token/user, then redirect to the MVC project from react project. You can have the login page in MVC'
2) Use Implicit grant type
3) Yes. You can make customization in MVC login page
4) In order to do that, you can use the oidc-client npm package in react project. For the identity, use the Quickstart template from identity server 4 documentation.
Here it is
I am trying to understand where is the best place for my account management screens.
My project structure is as below:
IdentityServer
WebAPI
SPA
IdentityServer does not provide any UI screens for typical account management. If you refer to their UI templates (https://github.com/IdentityServer/IdentityServer4.Quickstart.UI) they typcially contain screens for login but nothing for register, reset password, email confirmation etc.
I understand I can use ASP.Net Identity to handle some of this. My question is where do people typically put the account management screens? Part of me wants to put them in my Identityserver project so that all everything account related is self contained. I could however also put these screens in the SPA.
Welcome any thoughts on best practice?
I have implemented Identity Server 4 a couple times now and I can tell you that you probably won't find so called "best practice". But I will share what I have done.
When it comes to login flows, user registration, password reset, email confirmations - I have just extended the quickstart project that you referred to with custom branding, screens, etc.
When it comes identity, account, client and api resource management - I would create a new web app for that with its own separate backend, however, in all of my projects I used ASP.NET identity and just let the identity database to be shared between IdentityServer4 Auth Server project and the Admin Management UI project.
It is worth noting that the creators of Identity Server 4 also have a commercial option for Admin UI. There are also a few open source projects if you browse around that you could potentially take advantage of.
I'm currently developing a C# MVC Web API to act as a middleman between a Joomla 3.6 site and a SharePoint 2013 server, both installed in IIS 8.5 on Windows Server 2012 R2. Both the Joomla 3.6 site and SharePoint 2013 are already set up and functional, SharePoint has an active development site already set up, and I'm currently working on a SharePoint app/C# ASP MVC Web API to handle any requests between Joomla and SharePoint. This app handles any request, including logins (which are to be verified against Active Directory on a server), file upload/download, and searching users/documents/tags, among others. The C# app/web API endpoints are also only allowed to be called by users logged into the system, except for login.
My question becomes this, then. Put simply, is there any way I can tell the Joomla 3.6 website, when a user attempts to log in to the system (using the login page), to call my login endpoint and/or somehow authenticate with the SharePoint 2013 server? Preferably, I'd like to use my own C# login endpoint to interact with SharePoint in this case, unless that is not possible.
Thanks.
Yes, there is a mechanism provided via Joomla plugins. I've developed authentication plugins for several third party services.
You would develop a user plugin which hooks into the onAuthenticate event, allowing you to intercept and authenticate the user without them being the wiser.
If you need to add additional fields to login for (i.e. domain) you can also hook into the onContentPrepareForm event and add, alter or remove form fields
This is also one use-case where there is pretty decent documentation available.
https://docs.joomla.org/J3.x:Creating_a_Plugin_for_Joomla
https://docs.joomla.org/J3.x:Creating_an_Authentication_Plugin_for_Joomla
https://docs.joomla.org/Plugin/Events
I started a Silverlight 4 RIA Services application with the Navigation Application template,
instead of the Business Application template.
Now I want to add authentication to that application (to protect a page from unauthenticated users)
I've added an AuthenticationService to the project,
but I'm not sure what the steps are now to get it actually working and there doesn't seem to be a way to "upgrade" to the business application template.
I can add the [RequiresAuthentication] attribute to some of the normal service methods,
but I cannot figure out how to allow the user to log in or prevent a user from opening a specific page.
Is there any guidance for an "upgrade" like this?
You need to configure the hosting ASP.Net App to enable forms authentication, which will probably require the configuration of an authentication provider.
Try this
http://msdn.microsoft.com/en-us/library/ee707353(VS.91).aspx
edit: doh moments too late ;)