Identity in .NET API Makes Auth Easy
There was a time to be scared of the auth in ASP.NET. Identity really makes it easy. But before delving any further, let’s keep the tradition alive by knowing the ancient Roman history of auth in ASP.NET. How Auth was done earlier? Manual Token Generation: Developers manually created JWT tokens using libraries like System.IdentityModel.Tokens.Jwt and hardcoded key management. No Built-in User Management: Handling user registration, login, password hashing, and role management required custom code. Manual Claims Management: Claims (roles, permissions) were added to JWT tokens manually, increasing the risk of errors. Token Validation: Developers manually validated JWT tokens in each request, including signature, expiration, and claims validation. No Built-in Features for Role Management: Handling user roles and claims for authorization were complex It’s not uncommon to see code like this even today (there continue to be valid use cases, of course). ...