
Showing posts from March, 2021

A .Net5 Sample Using CQRS(Command Query Responsibility Segregation) And MediatR Patterns

CQRS stands for Command Query Responsibility Segregation. CQRS guides us to separate our logic into two categories: 'Commands' and 'Queries'. A 'Command' is an operation that creates or updates data in the data source (database). A 'Query' is an operation that fetches data. In CQRS, models (Request/Response classes) are owned by a single operation, which means model classes cannot be shared between different 'Commands', between different 'Queries', or between a 'Command' and a 'Query'. One thing to observe from the diagram is that the Request/Response model is optional: sometimes we use query parameters or return a simple scalar type, and in those cases we won't create models.

Create .Net5 Web API: To implement the CQRS pattern, let's create a sample .Net5 Web API application.

Configure Entity Framework Core Database Context: For this demo, I had created

Hot Chocolate GraphQL Custom Authentication Series Using Pure Code First Technique - Part4 - Refresh Token

In Part3 we enabled JWT token validation and discussed different authorization techniques. In this article, we will understand refresh token creation and usage.

When To Use Refresh Token: A refresh token is a unique random encrypted string. When the JWT access token expires, instead of showing a login page to the user, we can re-authenticate the user immediately using the refresh token. By using the refresh token we can fetch new user access tokens from the server without any user credentials.

Generate Refresh Token: In the 'AuthLogic.cs' file, add a new private method 'GenerateRefreshToken()'.

Logics/AuthLogics.cs:

    private string GenerateRefreshToken()
    {
        // Fill a 32-byte buffer from the cryptographic RNG, then Base64-encode it
        var randomNumber = new byte[32];
        using (var generator = RandomNumberGenerator.Create())
        {
            generator.GetBytes(randomNumber);
            return Convert.ToBase64String(randomNumber);
        }
    }

Here using 'System.Security.Cryptography.RandomNumberGenerator' generated refresh token of leng

Hot Chocolate GraphQL Custom Authentication Series Using Pure Code First Technique - Part3 -Validating JWT Token And Different Authorization Techniques

In Part2 we generated a JWT access token for user authentication. In this article, we are going to validate the JWT access token and also understand different authorization techniques.

Install JwtBearer NuGet: To enable the JWT token validation service, we have to install the JwtBearer NuGet package.

Package Manager Command:

    Install-Package Microsoft.AspNetCore.Authentication.JwtBearer -Version 5.0.4

.Net CLI Command:

    dotnet add package Microsoft.AspNetCore.Authentication.JwtBearer --version 5.0.4

Register JwtBearer Service: In the 'Startup.cs' file, we should register our JwtBearer validation service.

Startup.cs:

    services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
        .AddJwtBearer(options =>
        {
            var tokenSettings = Configuration
                .GetSection("TokenSettings").Get<TokenSettings>();
            options.TokenValidationParameters = new TokenValidationParameters
            {
                ValidIssuer = tokenSettings.Issuer,
                ValidateIssuer = true,
                ValidAudience = tokenSettings.Audienc

Hot Chocolate GraphQL Custom Authentication Series Using Pure Code First Technique - Part2 - Generating JWT(JSON Web Token) Access Token

Part1 discussed user registration. In this article, we are going to implement the logic to generate the JWT access token in Hot Chocolate GraphQL.

Overview On JWT(JSON Web Token): JSON Web Token is a digitally signed and secured token for user validation. The JWT is constructed from 3 informative parts: Header, Payload, Signature.

Install JWT NuGet:

Package Manager Command:

    Install-Package System.IdentityModel.Tokens.Jwt -Version 6.9.0

.Net CLI Command:

    dotnet add package System.IdentityModel.Tokens.Jwt --version 6.9.0

Add Token Settings: While generating the JWT access token, a few token-specific settings need to be specified.

appsettings.Development.json:

    "TokenSettings":{
        "Issuer":"localhost:5001",
        "Audience":"",
        "Key":"SomeRandomlyGeneratedStringSomeRandomlyGeneratedString"
    }

The 'Issuer' is like the identification of the server that generated the token. In access token 'iss'

Hot Chocolate GraphQL Custom Authentication Series Using Pure Code First Technique - Part1 - User Registration

About The Series: Using Pure Code First Technique In Hot Chocolate GraphQL, Custom Authentication Series:

Part1 User Registration Resolver
Part2 Generating JWT Access Token For User Authentication
Part3 Validating JWT Access Token And Different Authorization Techniques
Part4 Generating Refresh Token

This is Part 1 of the series, where we are going to create a sample in GraphQL for user registration.

SQL Tables: Create 2 tables, 'User' and 'UserRoles'.

User Table:

    CREATE TABLE [dbo].[User](
        [UserId] [int] IDENTITY(1,1) NOT NULL,
        [FirstName] [varchar](192) NULL,
        [LastName] [varchar](192) NULL,
        [EmailAddress] [varchar](192) NOT NULL,
        [Password] [varchar](640) NOT NULL,
        [RefreshToken] [varchar](640) NULL,
        [RefershTokenExpiration] [datetime] NULL,
        CONSTRAINT [PK_User] PRIMARY KEY CLUSTERED
        (
            [UserId] ASC
        )WITH (PAD_INDEX = OFF, STATISTICS_NORECOMPUTE = OFF, IGNORE_DUP_KEY = OFF, ALLOW_ROW_LOCKS = ON, ALLOW_PAGE_LOCKS = ON) ON [PRIMARY]
    ) ON [PRIMARY