Search icon CANCEL
Subscription
0
Cart icon
Your Cart (0 item)
Close icon
You have no products in your basket yet
Arrow left icon
Explore Products
Best Sellers
New Releases
Books
Videos
Audiobooks
Learning Hub
Conferences
Free Learning
Arrow right icon
Arrow up icon
GO TO TOP
Hands-On Full-Stack Web Development with ASP.NET Core

You're reading from   Hands-On Full-Stack Web Development with ASP.NET Core Learn end-to-end web development with leading frontend frameworks, such as Angular, React, and Vue

Arrow left icon
Product type Paperback
Published in Oct 2018
Publisher Packt
ISBN-13 9781788622882
Length 478 pages
Edition 1st Edition
Languages
Tools
Arrow right icon
Authors (3):
Arrow left icon
Amir Zuker Amir Zuker
Author Profile Icon Amir Zuker
Amir Zuker
Tamir Dresher Tamir Dresher
Author Profile Icon Tamir Dresher
Tamir Dresher
Shay Friedman Shay Friedman
Author Profile Icon Shay Friedman
Shay Friedman
Arrow right icon
View More author details
Toc

Table of Contents (18) Chapters Close

Preface 1. Becoming a Full-Stack .NET Developer 2. Setting Up Your Development Environment FREE CHAPTER 3. Creating a Web Application with ASP.NET Core 4. Building REST APIs with ASP.NET Core Web API 5. Persisting Data with Entity Framework 6. Securing the Backend Server 7. Troubleshooting and Debugging 8. Getting Started with Frontend Web Development 9. Getting Started with TypeScript 10. App Development with Angular 11. Implementing Routing and Forms 12. App Development with React 13. App Development with Vue 14. Moving Your Solution to the Cloud 15. Deploying to Microsoft Azure 16. Taking Advantage of Cloud Services 17. Other Books You May Enjoy

Controlling access to APIs with authorization

One of the key ways to secure your application is to only allow sensitive operations to be executed by users who are authorized to perform them.

There is more than one way to perform authorization in your application: you can check each user against a whitelist; you can check if the user is part of a group (or role) that is allowed to use the functionality in question; or you can run sophisticated logic that makes sure that the user has the necessary access clearance. In this chapter, I'm going to teach you the two most broadly used techniques in the industry:

  • Claim-based authorization: Each user is given a set of claims that can later be retrieved and checked. The claims include both personal attributes (such as the user's birth date), metadata (the registration time), and other pieces of information, such as...
lock icon The rest of the chapter is locked
Register for a free Packt account to unlock a world of extra content!
A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.
Unlock this book and the full library FREE for 7 days
Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of
Renews at $19.99/month. Cancel anytime
Banner background image