Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
J
J
justslipknot2021-03-14 17:47:41
OAuth
justslipknot, 2021-03-14 17:47:41

Authentication via VK in asp.net core web api. How to implement correctly?

I am writing an application. The server part is a web api on asp.net core, and the client part is a vuejs application. My task is to implement a user login to the site through VKontakte.
The backend uses the AspNet.Security.OAuth.Vkontakte package .

ConfigureServices

public void ConfigureServices(IServiceCollection services)
{
    services.AddAuthentication()
        .AddVkontakte(builder =>
        {
            builder.ApiVersion = "5.130";
            builder.ClientId = Configuration["ClientId"];
            builder.ClientSecret = Configuration["SecureKey"];

            builder.AuthorizationEndpoint = "https://oauth.vk.com/authorize";
            builder.TokenEndpoint = "https://oauth.vk.com/access_token";

            builder.Scope.Add("friends");
            builder.Scope.Add("offline");
        });
    services.AddControllers();
    services.AddSwaggerGen(c =>
    {
        c.SwaggerDoc("v1", new OpenApiInfo { Title = "WeAgree", Version = "v1" });
    });
}



I don't understand how to properly implement the user authentication logic.
How to correctly pass the authentication request from the frontend to the server and how to tell the frontend that everything went well or vice versa?

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

1 answer(s)
Report
D
Django Almighty, 2021-03-15
@12345678XYU87654321

Generate a jwt token on the server side.
Further, this vue token is hawked in local.storage and in the http interceptor constantly puts this token in the request. Handler on the bark, each request listens and checks the embedded token from the client for validity. Throws standard errors 400 and 401 if the token is not valid or has already timed out.
Everything is pretty standard.
For self-learning purposes, implement authentication with your api and your login password, without using the vk api. As soon as everything works, then connect VK api.

Similar questions
L
lex2016-10-12 01:58:37
How to fix nodejs request error? 3Reply
T
tamtakoe2014-10-21 19:55:56
Is it worth taking the authorization server out of the application? 2Reply
A
Alexander2020-12-08 11:44:59
How to pass additional parameters when using OAuth? 0Reply
W
Wicu2019-03-23 16:57:04
Do you store ESIA data? 0Reply
F
Fires2016-11-12 18:22:08
How to implement oAuth2 authorization in Spring-Boot + Gradle + PostgreSQL? 0Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question