I have to create an application that uses webapi 2 and
angular js 1 on the front panel. After a couple of days, I do research on security features, especially based on tokens .
I could find many things and really confuse what to implement: OAuth, IdentityServer, HMAC, and also Auth0.
I tested HMAC and used webapi through a console application. However, I could not find a project in which webapi is consumed in front of JS-based frameworks in the front (for example, angular.). As a rule, there is an application console with a large number of codes. I wonder how can I do this? using angular js.
I checked IdentityServer and found that its learning curve is a little disappointing for a novice like me. I have an existing db with existing user and role tables. Instead of using the default tables provided by Identity, I would like to use my own and write my own authentication logic. But I, too, cannot find resources for them.
Now I could see Auth0. Now, before diving, I would like to make sure, if this is a suitable authentication and authorization scheme for webapi.
Like, I was asked to implement token-based authentication in a project. I have difficult times when we figure out the right approach and the easiest way to do it. I spent a week and still confuse what I should implement. So, if you have resources where webapi security was done in an elegant way, please help me. Or, a piece of advice will be great too.
Thank!
source
share