ASPNETSelfCreatedTokenAuthExample
ASPNETSelfCreatedTokenAuthExample copied to clipboard
mrsheepuk
Example of how to protect an ASP.NET Core (1.0.1) Web API using simple self-created JWT bearer tokens.
Hi, just adapted the code to be able to use it under the latest framework.
I've added some code to show how to use the data protection API, and save the protected key to file. However, it is a rough version, and I'm wondering if...
Glaring security hole with the code [here](https://github.com/mrsheepuk/ASPNETSelfCreatedTokenAuthExample/blob/master/src/TokenAuthExampleWebApplication/Controllers/TokenController.cs#L33) means that if anyone compromises a single active token, they could remain logged in forever, even if the user changed their password or...
Did you manage to get this running on CoreCLR on Linux? I tried on Ubuntu. I managed to get the creation of the key working by modifying the `lRsa =...
Hi. I've updated the code, using a KeyContainer to store the RSA keys. If the keyset does not exist, they are created, and if they exist they are obtained from...
