This PR aimed to produce barebone authentication feature for Silkier.
How it works
The idea was always using authentication and authorization by default.
Therefore these three lines is required (even with no secure intention, in the correct order is required):
app.UseAuthentication(); app.AddSilkierQuartzAuthentication(); app.UseAuthorization();
For projects that doesn't intended to secure then there wouldn't be services.AddAuthentication and services.AddAuthorization, so no conflict at all, just put the additional 3 lines and the options. So no big deal.
For projects that intended to secure, there would be not likely project owner would create a scheme name such as SilkierQuartzAuth, which will be difference to default scheme and whatever scheme to name. So no big deal.
So... How to use ?
Simply ensure 3 lines in the correct order
app.UseAuthentication(); app.AddSilkierQuartzAuthentication(); app.UseAuthorization();
I'm not merging them into one line to avoid breaking neither hiding any of .net core standard syntax, so it would be easier for us to googling things.
Next is the there new Options in SilkierQuartzOptions that was AccountName, AccountPassword, IsAuthenticationPersist.
The name was enough to describe what they do themself i believe...
if any of AccountName or AccountPassword was not set, behaviour should be the same as non-authentication was setup.
Due to lacking knowlede to HandleBar.Net and poorly CSS capabilities, i strongly recommend someone re-style the Login.hbs file and binding things to the controller by more correct way.
Also cause i doens't want to mess things up, so SilkierQuartzAuthenticateConfig class was created to forward the SilkierQuartzOptions for furthur process. If SilkierQuartzOptions got register to native DI somehow, that would be much nicer
maikebing
commented
3 years ago
Overview:
This PR aimed to produce barebone authentication feature for Silkier.
How it works
The idea was always using authentication and authorization by default. Therefore these three lines is required (even with no secure intention, in the correct order is required):
app.UseAuthentication(); app.AddSilkierQuartzAuthentication(); app.UseAuthorization();services.AddAuthenticationandservices.AddAuthorization, so no conflict at all, just put the additional 3 lines and the options. So no big deal.SilkierQuartzAuth, which will be difference to default scheme and whatever scheme to name. So no big deal.So... How to use ?
Simply ensure 3 lines in the correct order
app.UseAuthentication(); app.AddSilkierQuartzAuthentication(); app.UseAuthorization();I'm not merging them into one line to avoid breaking neither hiding any of .net core standard syntax, so it would be easier for us to googling things.
Next is the there new Options in
SilkierQuartzOptionsthat wasAccountName, AccountPassword, IsAuthenticationPersist. The name was enough to describe what they do themself i believe... if any ofAccountNameorAccountPasswordwas not set, behaviour should be the same as non-authentication was setup.Sound good ? Do we have a sample
Sure, the code was place at https://github.com/khanhna/SilkierQuartz/tree/develop/authenticate-capability-demo, The Policy endpoint was guard by Example project authentication policy (which is the default), redirect if not authenticate to Index page. Comment out the options to see behavior change as expected.
Restriction
Due to lacking knowlede to HandleBar.Net and poorly CSS capabilities, i strongly recommend someone re-style the
Login.hbsfile and binding things to the controller by more correct way. Also cause i doens't want to mess things up, soSilkierQuartzAuthenticateConfigclass was created to forward theSilkierQuartzOptionsfor furthur process. IfSilkierQuartzOptionsgot register to native DI somehow, that would be much nicer