Security Archives - Code Maze

How to Use HttpOnly Cookie in .NET Core for Authentication and Refresh Token Actions

Marinko Spasojević — Mon, 15 Apr 2024 11:29:03 +0000

In this article, we will show you how to use HttpOnly Cookie in .NET Core apps to secure our JWT or JSON Web Tokens, when implementing the authentication and refresh token actions. So, let’s start. The Standard Flow for the Authentication Logic Using JWT When we follow the usual flow with the JWTs: We can […]

The post How to Use HttpOnly Cookie in .NET Core for Authentication and Refresh Token Actions appeared first on Code Maze.

Tools and Best Practices for Secret Management in .NET

Code Maze — Tue, 06 Feb 2024 07:04:41 +0000

In this article, we will talk about the tools and best practices for secret management in .NET applications. Every application has values it wishes to keep hidden. One of the critical aspects of security in software development is how we handle secrets. Examples of such data include but are not limited to API keys, connection […]

The post Tools and Best Practices for Secret Management in .NET appeared first on Code Maze.

Implement Custom Authorization Policy Provider in ASP.NET Core

Code Maze — Thu, 28 Dec 2023 06:20:48 +0000

Authorization policies play a major role in modern ASP.NET Core authorization. We generally register authorization policies by giving them a name and specifying their requirements while configuring our startup application. We’ve covered how to do that in the previous article. In more advanced cases, however, we can programmatically fetch and provide an authorization policy for a […]

The post Implement Custom Authorization Policy Provider in ASP.NET Core appeared first on Code Maze.

How to Decode JWT Tokens in .NET

Muhammad Afzal Qureshi — Tue, 12 Dec 2023 07:19:00 +0000

In today’s interconnected web ecosystem, all communicating parties must ensure secure authentication and data exchange. One popular and reliable method for transmitting information between parties in a compact and verifiable manner is through JSON Web Tokens (JWTs). It’s a proven way of implementing Bearer Token Authentication and securing APIs. In this article, we will examine […]

The post How to Decode JWT Tokens in .NET appeared first on Code Maze.

Implement API Key Authentication in ASP.NET Core

Code Maze — Tue, 22 Aug 2023 06:04:15 +0000

Many developers widely use API key authentication to secure API endpoints. This approach necessitates clients to provide a valid API key for accessing the endpoints. When implementing API key authentication in ASP.NET Core, it’s crucial to understand how to pass the API key and retrieve it from the incoming request. Let’s dive in. Authentication Methods […]

The post Implement API Key Authentication in ASP.NET Core appeared first on Code Maze.

Prevent SQL Injection With EF Core, Dapper, and ADO.NET

Code Maze — Thu, 17 Aug 2023 06:00:38 +0000

SQL Injection is a severe security vulnerability that can harm applications that use databases. In this article, we’ll learn about SQL Injection attacks, what they can do, and how to protect our applications from them. We’ll focus on using popular ORM tools like EF Core, Dapper, and ADO.NET to make our applications safer. Let’s begin. […]

The post Prevent SQL Injection With EF Core, Dapper, and ADO.NET appeared first on Code Maze.

Extending IdentityUser With Custom Properties in ASP.NET Core

Code Maze — Tue, 08 Aug 2023 05:30:15 +0000

In this article, we are going to learn about extending IdentityUser with custom properties in ASP.NET Core Identity. Let’s start. Extending IdentityUser We will start with a default project that already implements identity. To learn more about ASP.NET Core Identity implementation, check out our article series on the topic. To add our custom properties to […]

The post Extending IdentityUser With Custom Properties in ASP.NET Core appeared first on Code Maze.

Adding a User Login to a .NET App With Auth0

Code Maze — Fri, 28 Jul 2023 05:20:09 +0000

When creating applications, authenticating users and ensuring the security of user data is paramount. To accomplish this, we can either create a custom authentication solution or leverage a third-party solution. In this article, we’ll learn about adding a user login to a .NET app with Auth0 and we’ll explore the powerful features that Auth0 offers […]

The post Adding a User Login to a .NET App With Auth0 appeared first on Code Maze.

Firebase Authentication in .NET

Phil Broderick — Fri, 07 Jul 2023 05:00:25 +0000

Authentication is inherently a complex topic to understand and implement in our applications. So, generally, we avoid writing the logic from scratch and opt for an off-the-shelf solution. Firebase, the cloud solution from Google, provides an authentication service that allows us to sign users up for our application seamlessly. If you’d like to learn more […]

The post Firebase Authentication in .NET appeared first on Code Maze.

Content Security Policy in ASP.NET Core

Ryan Miranda — Tue, 30 May 2023 05:00:11 +0000

In this article, we are going to discuss the use of a Content Security Policy (commonly referred to as “CSP”). While we can apply a CSP to any web application running in a browser, in this article we will specifically focus on ASP.NET Core. Why Do We Need a Content Security Policy? The Content Security […]

The post Content Security Policy in ASP.NET Core appeared first on Code Maze.