Location>code7788 >text

MiniAuth A Lightweight Core Identity Web Backend Management Middleware Plugin

Popularity:723 ℃/2024-07-21 21:15:23

MiniAuth A Lightweight Core Identity Web Backend Management Middleware Plugin

"One line of code to add Identity system and web backend system for user and permission management to new and old projects.

Out-of-the-box to avoid knock-out rewrites or severe coupling situations

Github: /mini-software/MiniAuth , Gitee: /shps951023/MiniAuth

Image 1 Image 2
Image 3 Image 4

specificities

  • compatibility : be in favor of .NET identity Based on JWT, Cookie, Session et al. (and other authors)
  • Simplicity: Plug-and-play design, API, SPA, MVC, Razor Page, etc. out of the box.
  • Multi-database support : Support Oracle, SQL Server, MySQL, etc. EF Core
  • Non-intrusive: does not affect existing databases, project structure
  • Multi-platform : Support Linux, macOS environment

mounting

through (a gap)NuGet Mounting Kit

Quick Start

Add a line of code to Startup() and run the project, example.

public class Program
{
    public static void Main(string[] args)
    {
        var builder = (args);

        (); // <= ❗❗❗

        var app = ();
        ();
    }
}

Then go to the administration web page, Link ashttp(s)://yourhost/miniauth/The default administrator account isadmin@ The password isE7c4f679-f379-42bf-b547-684d456bc37f (please remember to change your password) to manage your Identity users, roles, and endpoints.

Add to the categories or methods that need to be managed with permissions the[Authorize] Or role control[Authorize(Roles = "Roles")]If you are not logged in, you will get a 401 status, and if you do not have permission, you will get a 403 status.

MiniAuth is preset as a single Coookie Based identity, if you have a separate front-end and back-end project, please replace it with an Auth such as JWT.

MiniAuth JWT Identity

Simply specify the AuthenticationType as BearerJwt

(options:(options) =>
{
     = ;
});

Please remember to customize the JWT Security Key as follows.

(options: (options) =>
{
     = new SymmetricSecurityKey(Encoding.("6ee3edbf-488e-4484-9c2c-e3ffa6dcbc09"));
});

How to get user token

Front-end Javascript XHR Examples

var data = ({
  "username": "admin@",
  "password": "E7c4f679-f379-42bf-b547-684d456bc37f",
  "remember": false
});
var xhr = new XMLHttpRequest();
 = true;
("readystatechange", function() {
  if( === 4) {
    ();
  }
});
("POST", "http://yourhost/miniauth/login");
("Content-Type", "application/json");
(data);

Return results

{
    "ok": true,
    "code": 200,
    "message": null,
    "data": {
        "tokenType": "Bearer",
        "accessToken": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJuYW1laWQiOiIxZTIxOGY4My1iZjE3LTRhY2YtODhmOS1iOTQ3NjhjOWUwMGMiLCJuYW1lIjoiYWRtaW5AbWluaS1zb2Z0d2FyZS5naXRodWIuaW8iLCJyb2xlIjoibWluaWF1dGgtYWRtaW4iLCJzdWIiOiJhZG1pbkBtaW5pLXNvZnR3YXJlLmdpdGh1Yi5pbyIsIm5iZiI6MTcxODIwNDg5NSwiZXhwIjoxNzE4MjA1Nzk1LCJpYXQiOjE3MTgyMDQ4OTUsImlzcyI6Ik1pbmlBdXRoIn0._-DQ_rcbeju8_nrK2lD5we0rre04_xdDZNF6NhM0Rg0",
        "expiresIn": 900
    }
}

Save the accessToken in localstorage or a cookie and set it when calling your [Authorize] api.Header Authorization : Bearer + blank space + accessTokenThe system will automatically validate it.

Example.

var xhr = new XMLHttpRequest();
 = true;
("readystatechange", function() {
  if( === 4) {
    ();
  }
});
("GET", "http://yourhost:5014/your/api");
("Authorization", "Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJuYW1laWQiOiIxZTIxOGY4My1iZjE3LTRhY2YtODhmOS1iOTQ3NjhjOWUwMGMiLCJuYW1lIjoiYWRtaW5AbWluaS1zb2Z0d2FyZS5naXRodWIuaW8iLCJyb2xlIjoibWluaWF1dGgtYWRtaW4iLCJzdWIiOiJhZG1pbkBtaW5pLXNvZnR3YXJlLmdpdGh1Yi5pbyIsIm5iZiI6MTcxODIwNDg5NSwiZXhwIjoxNzE4MjA1Nzk1LCJpYXQiOjE3MTgyMDQ4OTUsImlzcyI6Ik1pbmlBdXRoIn0._-DQ_rcbeju8_nrK2lD5we0rre04_xdDZNF6NhM0Rg0");
();

Set expiration time

  = 30 * 60; 

NET JWT ClockSkew JwtBearerOptions preset in seconds, preset 30 minutes, also note that .rationale

Refresh Refresh Token API (JWT)

API : /MiniAuth/refreshToken
Body:

{
   "refreshToken":"eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxZTIxOGY4My1iZjE3LTRhY2YtODhmOS1iOTQ3NjhjOWUwMGMiLCJuYmYiOjE3MTg1MjIxOTEsImV4cCI6MTcxODUyMzk5MSwiaWF0IjoxNzE4NTIyMTkxLCJpc3MiOiJNaW5pQXV0aCJ9.HYBWrM2suDiM4OG0FSlXhNgktZIG9l3ufmIAnwZiIoU"
}

Header:

Authorization:Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJuYW1lIjoiYWRtaW5AbWluaS1zb2Z0d2FyZS5naXRodWIuaW8iLCJyb2xlIjoibWluaWF1dGgtYWRtaW4iLCJzdWIiOiIxZTIxOGY4My1iZjE3LTRhY2YtODhmOS1iOTQ3NjhjOWUwMGMiLCJuYmYiOjE3MTg1MjIxOTEsImV4cCI6MTcxODUyNTc5MSwiaWF0IjoxNzE4NTIyMTkxLCJpc3MiOiJNaW5pQXV0aCJ9.rgAgsziAdLqOC9NYra-M9WQl8BJ99sRdfzRKNkMz9dk

Expires on / 230 minutes preset

Settings, Options, Customization

default mode

  • MiniAuth preset mode for IT Admin centralized user management, user registration, password reset and other operations require Admin privileges account operation, preset Role = miniauth-admin

Close MiniAuth Login

If you only want to use your own login logic, pages, and APIs, you can specify the login path and turn off the switch

// put together service Before registering
(options: (options) =>
{
     = "/Identity/Account/Login";
     = true;
});

Customizing the preset SQLite Connection String

(options: (options) =>
{
     = "Data Source=miniauth_identity.db";
});

Customize databases, users, roles

MiniAuth system preconfigured to use SQLite EF Core, IdentityUser, IdentityRole out of the box
If you need to switch please do so in the The generalization specifies different databases, their own users, and role classes.

<YourDbContext, YourIdentityUser, YourIdentityRole>();

Login, user authentication

Non-ApiController preset login oriented page (determines if way Headers["X-Requested-With"] == "XMLHttpRequest" or ApiControllerAttribute)
The ApiController's Controller preset does not lead to the login page, but returns a 401 status code.

Customized front-end

  • The management back-end front-end is in the/src/Frontend_Identity The main body uses Vue3 + Vite, and the miniauth UI can be updated by running a build with npm.
  • The login page doesn't want to use the miniauth preset, mvc can either use identity's own Scaffolded or change the miniauth frontend's , js, css

Customized Routing Prefixes

(options: (options) =>
{
     = "YourName";
});

RoutePrefix is preset toMiniAuth

Login API (JWT)

API: /MiniAuth/login

Body:

{
   "username":"admin@",
   "password":"E7c4f679-f379-42bf-b547-684d456bc37f",
   "remember":false
}

Response:

{
    "ok": true,
    "code": 200,
    "message": null,
    "data": {
        "tokenType": "Bearer",
        "accessToken": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJuYW1lIjoiYWRtaW5AbWluaS1zb2Z0d2FyZS5naXRodWIuaW8iLCJyb2xlIjoibWluaWF1dGgtYWRtaW4iLCJzdWIiOiIxZTIxOGY4My1iZjE3LTRhY2YtODhmOS1iOTQ3NjhjOWUwMGMiLCJuYmYiOjE3MTg1MjIxOTEsImV4cCI6MTcxODUyNTc5MSwiaWF0IjoxNzE4NTIyMTkxLCJpc3MiOiJNaW5pQXV0aCJ9.rgAgsziAdLqOC9NYra-M9WQl8BJ99sRdfzRKNkMz9dk",
        "expiresIn": 3600,
        "refreshToken": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxZTIxOGY4My1iZjE3LTRhY2YtODhmOS1iOTQ3NjhjOWUwMGMiLCJuYmYiOjE3MTg1MjIxOTEsImV4cCI6MTcxODUyMzk5MSwiaWF0IjoxNzE4NTIyMTkxLCJpc3MiOiJNaW5pQXV0aCJ9.HYBWrM2suDiM4OG0FSlXhNgktZIG9l3ufmIAnwZiIoU"
    }
}

enrollment

Please use Core Identity's own registration API to follow along with the page

forgotten password?

Please use Core Identity's own registration API to follow along with the page

Get user information

Please use Core Identity's own registration API to follow along with the page

caveat

Pay attention to the order

Please put UseMiniAuth after the route generation, otherwise the system can't get the route data for permission judgment, such as.

();
();

Please add a Role rule

Please addAddRoles<IdentityRole>()or else[Authorize(Roles = "Permissions")] will not take effect

<IdentityUser>(options =>  = true)
    .AddRoles<IdentityRole>() // ❗❗❗ 
    .AddEntityFrameworkStores<ApplicationDbContext>();

Apply to existing identity projects, customize logic

Turn AddMiniAuth autoUse off, put UseMiniAuth and replace the generic parameter with your own IdentityDBContext, user, permissions authentication after your own Auth, example.

        public static void Main(string[] args)
        {
            var builder = (args);

            var connectionString = ("DefaultConnection") ?? throw new InvalidOperationException("Connection string 'DefaultConnection' not found.");
            <ApplicationDbContext>(options =>
                (connectionString));
            ();

            <IdentityUser>(options =>  = true)
                .AddRoles<IdentityRole>()
                .AddEntityFrameworkStores<ApplicationDbContext>();

            ();

            (autoUse: false); // <= ❗❗❗


            var app = ();

            <ApplicationDbContext, IdentityUser, IdentityRole>();  // <= ❗❗❗ 
            (
                name: "default",
                pattern: "{controller=Home}/{action=Index}/{id?}");
            ();

            ();
        }

Ability to switch to use your own user, role, DB, Identity logic.

distributed system

  • Please change the database source to SQL Server, MySQL, PostgreSQL, etc.
  • It is recommended to change the auth method such as JWT