This repository (HamiDiabet) includes two projects:
- HamiDiabet Website project, the client, in the root of the repository (hamidiabetSite folder)
The project “HamiDiabet Website” is a responsive website made with ASP.NET MVC using
C#, Bootstrap, jQuery, Ajax, HTML, CSS, JavaScript, SQL, and Entity Framework.
User registration and login use JWT.
- REST API project in the root of the repository (hamidiabetWebApi folder)
hamidiabetWebApi is a REST API that shows how to implement JSON Web Token authentication with
ASP.NET MVC 5, Web API 2 and .NET Framework 4.5.
Github URL: Project Link
Steps:
1. Restore the DB in SQL Server from the DB file in the root of the repository.
2. Open the hamidiabetWebApi solution in Visual Studio and build the project.
3. Execute (F5) to run. The browser will show an error page, which is fine as this is only a Web API implementation.
4. Open the hamidiabetSite solution in Visual Studio and build the project.
5. Execute (F5) to run. The browser will show the homepage of the website (a picture of the homepage is at the end of this readme).
6. You can register and log in to the website and look at the fields of the userTbl table in the database to see how the JWT authentication works.
About the JWT authentication implementation:
JWT authentication is a self-contained authentication protocol where the token consists of 3 base64url-encoded parts separated by periods:
- Header
- Payload (Claims)
  The claims for the user are set in the setClaimsIdentity function (see code).
- Signature
The API has 1 controller:
AuthController, which contains SignUp and SignOut.
SignIn is here: SignIn
I use this NuGet package:
Microsoft.Owin.Security.Jwt
Hashing:
Hashing can be implemented using various algorithms. This project implements hashing using SHA256.
The Sha256Hash function that computes the hash is defined here.
The Auth server exposes the following endpoints:
The implementation of these requests is here: code
SignUp:
WebRequest: http://host/user/SignUp
Method: POST
ContentType: application/x-www-form-urlencoded
requestBody:
{name}: name
{family}: family
{cityId}: city Id (default: 1)
{mobile}: mobile num
{password}: password
{subscribeNewsletter}: subscribe newsletter (true or false)
signIn:
WebRequest: http://host/user/signIn
Method: POST
ContentType: application/x-www-form-urlencoded
requestBody:
username: mobile num
password: password
grant_type: password
Sample JSON output:
{
  "access_token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJodHRwOi8vd3d3LnczLm9yZy8yMDAxLzA0L3htbGRza",
  "token_type": "bearer",
  "expires_in": 86399,
  "refresh_token": "d4572fbf0763403083448b6c82a0fa0e"
}
SignOut:
signOut Help:
WebRequest: http://host/user/SignOut
Method: POST
requestHeader:
Authorization: "Bearer" + " " + Token
refreshToken:
WebRequest: http://host/user/signIn
Method: POST
ContentType: application/x-www-form-urlencoded
requestBody:
refresh_token: refreshToken (sample: "5687654271344265a04d1d8644a9c151")
grant_type: refresh_token
Sample JSON output:
{
  "access_token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJodHRwOi8vd3d3LnczLm9yZy8yMDAxLzA0L3htbGRza",
  "token_type": "bearer",
  "expires_in": 86399,
  "refresh_token": "d4572fbf0763403083448b6c82a0fa0e"
}
NOTE: You can also test the API using a tool such as Postman.
HamiDiabet Website: