thangchung / modular-starter-kit

The starter kit with entire modular approach to help remove boilerplate code in developing
MIT License

Core: Security module #13

Open thangchung opened 6 years ago

thangchung commented 6 years ago
  1. We need to secure all the application layers like Enterprise Security API (ESAPI). https://github.com/convisoappsec/swingset-dotnet

  2. Otherwise, we will invest time to work with authorization in each feature (Clean Architecture). Refer to this project for huge authorization requirements, but basically, we can look at https://github.com/blowdart/AspNetAuthorizationWorkshop/blob/master/src/Step_7_Resource_Based_Requirements/Startup.cs

  3. Federated sign out also needs time invested; have a look at https://brockallen.com/2016/02/09/federated-sign-out-and-identityserver3/ and https://brockallen.com/2016/02/08/single-sign-out-and-identityserver3/

Nice explanation about OAuth 2.0 + OpenID Connect

thangchung commented 6 years ago

Manual manipulation with Asp.Net Identity: https://github.com/samueleresca/Blog.TokenAuthGettingStarted