In this section, we will take a look at how authentication works in ASP.NET Core.
All examples in this chapter can be found at https://github.com/polatengin/B05277/tree/master/Chapter17 GitHub repo.
The HTTP protocol is a stateless, response-for-a-request based protocol. This means an HTTP server can generate a response once it gets a request, and it never remembers previous requests and their results. Every request is processed separately.
For example, if an application requires you to log in first, a developer should handle the required logic flow to redirect to the user login page if they haven't logged in yet.
So, every request should have all the information to be processed successfully (if a user has logged in or not, who the user is, and their permissions.)
If a bad user sits on the line between the client and the server, they can read packages and...