A learning project that implements RBAC using JWT tokens and an ASP.NET Core Web API.
- JWT token configuration and generation
- Role-based authorization
- Custom policy-based authorization
- Per-environment Docker support (test, stage, prod and dev)
- Clone the repo.
- Open a command prompt (CMD or PowerShell) in the clone directory and navigate to `src\jwt-authentication-server\JwtAuthenticationServer`.
- Run the following Docker command, where `<env>` is `dev`, `test`, `stage` or `prod`:

  ```
  docker-compose -f docker-compose.<env>.yml up
  ```
1. In Postman, create a POST request with the following body parameters:

   ```
   {
     "username": "manager",
     "password": "manager"
   }
   ```
2. Send it to http://localhost:5000/api/auth/login. You will receive a JWT token in the response.
3. Create a new GET request. Set the Authorization header to Bearer Token with that token, then call either of these APIs:
   - http://localhost:5000/api/inventory/salaries
   - http://localhost:5000/api/inventory/stock

   Since your role is Manager, you will receive data.
4. Repeat Step #1 with the following body:

   ```
   {
     "username": "sales",
     "password": "sales"
   }
   ```
5. Repeat Step #3. There will be a 401 (Unauthorized) response for http://localhost:5000/api/inventory/salaries