0

I've created an empty .net5 Web API project. the project should use Identity Server to generate JWT token for the users of the API.

startup.cs

 public void ConfigureServices(IServiceCollection services){
   services.AddDbContext<ApplicationDbContext>(...);
   services.AddIdentity<ApplicationUser, IdentityRole>()
      .AddEntityFrameworkStores<ApplicationDbContext>()
      .AddDefaultTokenProviders();
   services.AddIdentityServer(...)
      .AddAspNetIdentity<ApplicationUser>()
      .AddConfigurationStore(...);
   services
      .AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
      .AddJwtBearer();
    ...
}

public void Configure(IApplicationBuilder app, IWebHostEnvironment env){
    ...
    app.UseAuthentication();
    app.UseIdentityServer();
    app.UseAuthorization();
    ...
}

The code compile with no error

Login function

var result = await _signInManager
        .PasswordSignInAsync(model.Email, model.Password, false, lockoutOnFailure: false);
    if (result.Succeeded)
    {
        _logger.LogInformation("User logged in.");
        return Ok();
    }
    return BadRequest("Invalid Login Attempt");

I received the ok result from the server but no JWT returned at the headers of the response. Also I noticed that when I create a second request I found my previous login data stored on User property in the Controller.

my question is where to find the token generated by my endpoint?

Ayman Ali
  • 567
  • 4
  • 11
  • Isn't it using a session? I think you should have a session cookie. Either with the token or with some session ID in it. – Michal Trojanowski Jun 23 '21 at 07:49
  • Yes it do have a session but I want the token to be delivered to the clients so the I can receive it as Authorization Header (Bearer). – Ayman Ali Jun 23 '21 at 09:17
  • 1
    First of all, you need to expose an endpoint that returns a JWT token with claims assigned to a user.Then add authentication to your service in the startup.cs of your ConfigureServices to add JWT authentication as your default authentication service.You can refer to the content of this post:https://stackoverflow.com/questions/40281050/jwt-authentication-for-asp-net-web-api/40284152#40284152 – Tupac Jun 23 '21 at 09:46

0 Answers0