Simple, but customizable JWT authentication and authorization library made with .NET 6. The main goal of the project is to create a basic REST auth package for all kinds of apps (Web, SPA, etc.).
- Two JWT send modes: Cookies for Web and Authorize Header for the rest of apps
- Sign In, Sign Up, Sign Out
- Email, Username and Password validation
- Custom validators support via dependency injection
- Email verification
- Email change
- Password reset
- Secure password storage
- Silent sign in with jwt refresh token
- Email templates
- Add nuget to a project
- Create your User model and make sure it derives from
AppUser
using JustAuth.Data;
public class ChatUser:AppUser
{
//Your properties
}- Create your
DbContextimplementation and make sure it derives fromAuthDbMain<TYourUserModel>
using JustAuth.Data;
public class DbMain: AuthDbMain<ChatUser>
{
//Your properties
public DbMain(DbContextOptions options) : base(options) {
}
}4. Create justauth.json file in your app's root directory with settings.
{
"Emailing": {
"Service":"Email Service", --> sender name in email title
"Sender":"[email protected]", --> sender address
"Smtp":"smtp.gmail.com", --> smtp server
"Port":"587", --> smtp port
"Password": "mypassword" --> smtp account password
},
"JwtOptions" : {
"Issuer":"JustAuthServer",
"ValidateIssuer":true,
"Audience": "JustAuthUser",
"ValidateAudience" : true,
"ValidateLifetime" : true,
"IssuerSigningKey" : "w0mgWEAl2xK27ZiN3E2gAbcHfSrSwQ==", --> key length must be 32 bytes(!) length
"ValidateIssuerSigningKey" : true,
"TokenLifetime": 60, --> token lifetime in minutes
"UseRefreshToken": true, --> enable refresh token functionality
"RefreshTokenLifetime": 60000, --> refresh token lifetime in minutes
"SendAsCookie" : true, --> should tokens be sent in secure cookies, if false jwt will be sent as part of json response
"Claims": [
{
"Name": "MyPolicyName", --> policy name to be used with [Authorize]
"ModelProperty": "MyUserProperty", --> name of a property of your user model, its value is included into jwt tokens
"AccessValues": ["true", "True"] --> valid values for policy
}
]
}
}- Add JustAuth services and .NET Auth middleware to your Program.cs or Startup.cs. Your EmailConfirmRedirect and PasswordResetRedirect endpoints should read the token from a query string (
vrftfor email,rstfor password) and pass it with POST request to the corresponding endpoint. You must set these waypoints withUseEmailConfirmRedirectandUsePasswordResetRedirectas shown below.
services.AddDbContext<IAuthDbMain<ChatUser>, DbMain>(options=>{
//your options
});
services.AddJustAuth<ChatUser>(options => {
options.UseEmailConfirmRedirect("/Auth/EmailConfirm"); //an endpoint to which user will be sent by email confirmation email message
options.UsePasswordResetRedirect("/Auth/PasswordReset"); //an endpoint to which user will be sent by password reset email message
//custom services implementations are also supported here
});
app.UseRouting();
app.UseAuthentication();
app.UseAuthorization();
app.UseEndpoints(options=> {
options.MapDefaultControllerRoute();
});- Create
EmailTemplatesfolder in your app. Create 2 files:EmailConfirm.htmlandPasswordReset.htmlin it. These files will be sent to users for password reset and email change. You can customize their content however you like, but it must contain{{actionData}}, which will be replaced with url. Examples of templates:
<!doctype html>
<html>
<p>Please, use the link to confirm your email: {{actionData}}</p>
</html><!doctype html>
<html>
<p>Please, use the link to reset your password: {{actionData}}</p>
</html>For REST endpoints see REST Doc