A Blog full of Web Projects

.NET 8 Web API doing Authentication by JWT and Refresh Tokens

05-May-2024

An Angular client talking to a .NET 8 Web API written in C#, using JWTs and refresh tokens for authentication

The application runs on traditional web hosting

The Web API was built without ASP.NET Core Identity, using custom JWT middleware instead

Functionality of the Web App

  • JWT authentication with Refresh Tokens
  • Refresh token rotation
  • Revoked token reuse detection

Tech used for building the Web App

  • C#
  • The .NET 8 Web API is hosted at a traditional web host
  • The Angular client is hosted at a traditional web host
  • SQLite as the database for both dev and prod
  • CORS policy implemented by .NET
  • JWT for accessing secure routes
  • Refresh token in an HTTP-only cookie, used to generate new JWTs

Using JWTs together with refresh tokens improves security. The JWT can have a reduced time to live and is therefore less likely to be stolen.
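The refresh token rotation and revoked token reuse detection listed above can be sketched as follows. This is an added example, not the blog's own code: `RefreshTokenService`, `TokenRecord`, the in-memory dictionary standing in for the SQLite table, the 7-day lifetime, storing only token hashes, and revoking all of a user's tokens on reuse are assumptions.

```csharp
// Added example; RefreshTokenService, TokenRecord and the 7-day lifetime are assumptions.
using System;
using System.Collections.Generic;
using System.Linq;
using System.Security.Cryptography;
using System.Text;

var svc = new RefreshTokenService();
var t1 = svc.Issue("alice");                  // constructed sample user id
var t2 = svc.Rotate(t1);                      // normal refresh: t1 revoked, t2 issued
Console.WriteLine(svc.Rotate(t1) is null);    // replay of revoked t1 is rejected
Console.WriteLine(svc.Rotate(t2!) is null);   // t2 was revoked by the replay as well

public record TokenRecord(string UserId, DateTime Expires)
{
    public DateTime? Revoked { get; set; }
    public bool IsActive => Revoked is null && DateTime.UtcNow < Expires;
}

public class RefreshTokenService
{
    // Only the SHA-256 of each token is stored, so a leaked table holds no usable tokens.
    private readonly Dictionary<string, TokenRecord> _store = new();

    private static string Hash(string token) =>
        Convert.ToHexString(SHA256.HashData(Encoding.UTF8.GetBytes(token)));

    public string Issue(string userId)
    {
        var token = Convert.ToBase64String(RandomNumberGenerator.GetBytes(32));
        _store[Hash(token)] = new TokenRecord(userId, DateTime.UtcNow.AddDays(7));
        return token; // would be returned to the client in an HttpOnly cookie
    }

    // Returns the replacement refresh token, or null when the presented one is rejected.
    public string? Rotate(string presented)
    {
        if (!_store.TryGetValue(Hash(presented), out var rec)) return null; // unknown token
        if (rec.Revoked is not null)
        {
            // Reuse of a revoked token: revoke every active token for that user.
            foreach (var r in _store.Values.Where(r => r.UserId == rec.UserId && r.IsActive))
                r.Revoked = DateTime.UtcNow;
            return null;
        }
        if (!rec.IsActive) return null;           // expired
        rec.Revoked = DateTime.UtcNow;            // rotation: old token is single-use
        return Issue(rec.UserId);
    }
}
```

A null result from `Rotate` would map to a 401 that forces a fresh login; in the reuse branch it is also worth logging the event, since a revoked token arriving again means two parties have held the same token.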

A Blog made with Gatsby React and GraphQL