Skip to content

rpede/cds25-tutorial-auth

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

54 Commits
client
client
 
 
server
server
 
 
tutorials
tutorials
 
 
.gitignore
.gitignore
 
 
README.md
README.md
 
 
cds25-tutorial-auth.sln
cds25-tutorial-auth.sln
 
 
docker-compose.yml
docker-compose.yml
 
 
setup.sh
setup.sh
 
 

Repository files navigation

CDS.Security 2025 - Auth

Introduction

This repository contains a skeleton application and a series of guides on how to manually implement authentication, session management and authorization with ASP.NET as backend and React as frontend.

The skeleton application is a simple blog with posts and comments.

In real-world systems, I recommend using ASP.NET Identity instead of implementing authentication and sessions manually. However, it is important that you know how this stuff works, and I believe in learning by coding.

Getting started

Fork the repository and clone it to your computer.

Database

There is a script named setup.sh and you simply run the script.

./setup.sh <some-password>

Replace <some-password> with what you want to use as password for the preconfigured users.

In case you forget the password, or just want to reset, simply run the script again.

Client

Before first run, you need to install dependencies with:

npm ci --prefix client

Then start development web server with:

npm run dev --prefix client

The --prefix client tells npm to behave as if you were running it from client/ folder. That way do don't have to cd around all the time.

Server

dotnet watch --project server/Api

The watch part makes it hot-reload when you change the code. Not all changes works with hot-reloading, in which case you need to manually restart it with CTRL+R.

How to use

Web servers

Sub-systems URL
Client / frontend http://localhost:5173/
Server / backend http://localhost:5153/scalar/

The project uses Scalar, which is an alternative to Swagger UI.

Database

Parameter Value
URL jdbc:postgresql://localhost:5432/postgres
Username postgres
Password mysecret
Connection string HOST=localhost;DB=postgres;UID=postgres;PWD=mysecret;PORT=5432;

Users

The application ships with some test data, including blog posts and a couple of users. After implementing authentication, you will be able to log-in using these credentials:

Email / Username Role
admin@example.com Admin
editor@example.com Editor
othereditor@example.com Editor
reader@example.com Reader

Exercises

Complete these exercises in order. Since each builds on the previous. Make a commit each time you complete an exercise.

  1. Authentication
  2. Sessions
  3. Authorization

About

CDS.Security 2025 - Tutorials for authentication, session and authorization

Resources

Readme
Activity

Stars

1 star

Watchers

0 watching

Forks

9 forks
Report repository

Releases

No releases published

Packages

 
 
 

Contributors

Languages