Source: https://dometrain.com/course/getting-started-authentication-and-authorization-in-dotnet/Authentication and authorization are two of the most misunderstood topics in .NET, and getting them wrong is one of the fastest ways to introduce a serious security issue into your application. This course is a deep dive into how authentication and authorization actually work in ASP.NET Core, built up from first principles. You’ll start with the fundamentals, like the User object, ClaimsPrincipal, and the request pipeline, before moving into the authentication middleware and each of its core operations: Challenge, SignIn, Authenticate, SignOut, and Forbid. From there, we’ll go under the hood to explore schemes, authentication tickets, and data protection. There’s a full module dedicated to the cookie handler, including event handlers and everything you need to know about cookie and ticket lifetimes. Finally, you’ll master authorization, from simple and role-based approaches all the way to policy-based and resource-based authorization, custom requirements and handlers, authorization filters, and view-based scenarios.
Download Links
Password: cms.ddpanda.org
