Which authentication method is good with Angular front end and .net core backend

Published

I have a angular 10 application( upgraded from angular 4) which is running as a front end and having .net core 3.1 web api (connecting to SQL server database)which is running as a back end project.

Now i am planning to implement login and authentication using both application. But confused with which technology i should follow? have read so many technologies like JWT , Oauth (please point any others also there) or i should look for something like OWIN ? Which is best in terms of security and performance?
And which is the best way to hash the passwords in database?

I know the topic and question needs large volume of consideration but just the guidance will be enough for me to proceed.

Please help me!

Source: Angular Questions

Answers

Just to put things in perspective

  • Owin is a way to communicate with your API in the .NET Framework, it has its way to implement OAuth2
  • OAuth2 is a standard that tells you how to authenticate/authorize
  • JWT is a tool that OAuth2 uses to authenticate (by validating the token)

You need to combine most of these technologies in to an implementation.

In layman terms:

  • Upon successful login create a JWT token
  • In the token you have an access token and a refresh token
  • Refresh token is used to recreate an access token when it expires
  • Access token is used to validate your identity

If you want to have an authentication server because you have a big system I suggest IdentityServer


Mrs. Neva Maggio DVM

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Still Have Questions?


Our dedicated development team is here for you!

We can help you find answers to your question for as low as 5$.

Contact Us
faq