ASP.NET Core Identity SPA with React

Asked 17/5, 2020 at 1:16 Answered 15/1, 2022 at 23:8

reactjs asp.net-core identityserver3 asp.net-core-identity openiddict

I am confused and a bit lost about using ASP.NET Core Identity with a React SPA.

I have read Microsoft documentation about ASP.NET Core Identity several times, mostly focusing on the Identity with SPA section, and yet I have to confess I still don't clearly get how to bond a React SPA with ASP.NET Core Identity.

These are the blockers I have stumbled upon:

The documentation assumes I want to use IdentityServer, but I do not. I rather prefer Openiddict, but I don't know how to do the switch. Worst part is that I am not totally clear about what IdentityServer or Openiddict do. I understand that they provide an OpenId connection for JWT tokens and securing my REST endpoints, but how they do that is still obscure to me.
The Microsoft documentation focusing on React SPAs all use a "convenient" hosting of both the React SPA and the API back-end as a single unit. This is unfortunate because I don't want that. I have my React SPA totally decoupled and separated from the API, and they will be hosted separately. To summarize I don't want my React SPA in the same solution as the API back-end.
Most examples in the Microsoft documentation use Entity Framework as the ORM. I won't. I will use Dapper instead. The good news is that there is a section better explaining Custom storage providers for ASP.NET Core Identity, and also I am studying the ASP.NET Core Identity with Dapper implementation done in Daarto, so this part I have been understanding better.

Any tutorial, blog, repository or documentation you can recommend me to understand exactly step-by-step thouroughfully explained what is needed to do to bond a React SPA with ASP.NET Core Identity? That is authenticating users, securing API endpoints, how React will communicate with Openiddict, and how to use Openiddict with ASP.NET Core Identity, etc.

Birthday answered 17/5, 2020 at 1:16 Comment(2)

Hi, I would be interested in how you implemented this in the end, did you use openiddict and did you find any react examples? – Abomb 2/8, 2022 at 12:37

I setup an ASP.net / React SPA using FusionAuth a while back. I think the example can give some insight into what you need. It will need some tinkering with and further googling but it might set you on the right path. github.com/FusionAuth/fusionauth-example-asp-net5-react/tree/… – Layette 8/1, 2023 at 8:3

ASP.NET Identity is a membership provider and uses cookies while IdentityServer is an OAuth2/OpenID Connect server you can use to support token authentication. IdentityServer4 will eventually support ASP.NET Identity as a membership store. For authentication and authorization in mobile devices and SPA, you can use tokens and the best solution is IdentityServer4 with ASP.NET Identity.

Simmon answered 15/1, 2022 at 23:8 Comment(2)

Your link hits a 404 page :( – Layette 8/1, 2023 at 8:5

That is strange, the page is not accessible anymore – Simmon 9/1, 2023 at 11:40

-1

OpenIddict is a library to implement Auth server yourself and IdentityServer is a fully implemented Authentication server that providers several schemes. On tutorial, there aren't many tutorials that go through this scenario. Most go on creating JWT authentication and authorization using APS.NET Identity which to me feels a little insecure as you are implementing everything yourself and Auth is one of the things which you shouldn't implement yourself.

Tetreault answered 14/1, 2022 at 14:10 Comment(1)

I don't think this answers the question... – Chiliad 15/1, 2022 at 1:3

Recommended topics

Hot tags