Do all the things like ++ or -- rants, post your own rants, comment on others' rants and build your customized dev avatarSign Up
From the creators of devRant, Pipeless lets you power real-time personalized recommendations and activity feeds using a simple APILearn More
Search - "global middleware"
Yes after months of writing this .NET core 3.1 API, I am still going back and rewriting the Auth flow.
I talk to a lifelong .Net Guru yesterday to get advise about JWT flow with .NET. His take in summary:
"Oh haha yeah all of these settings you kinda just copy over an forget about them over time. They change drastically between every version anyways. 2.0s approach is so different than 3.0-3.1s. "
We then proceed to spend hours trying to copy other peoples solutions and satisfy the type requirements for different services.
Guys look im trying really really hard to get into .NET. Harder then i should try. I come from .Node & php where you import a JWT library, you get the creds, check em and call on function to issue an Bearer token. You write a 5 line middleware function for getting teh claim and fetching the user into global scope and done.
This has been an ongoing nightmare and im about sick of it. I dont need a framework with an over-opinionated, ever changing way of handling auth.
OTHER FRAMEWORKS ARE SCAFFOLDING THIS SHIT FOR US ALREADY!!! ITS THE POINT OF A FRAMEWORK!! TO NOT HAVE TO REINVENT THE WHEEL!!
.NET needs to get its shit together. Most everything else about the framework is proving to be pretty rad though. Im about to get into SignalR though and im sure ill find equal frustration there.11