Generating a token

With our /auth/secret endpoint safely locked away behind the authorize attribute, we need some way of authenticating and authorizing a user. For that, we'll use the AuthenticateUser() method, which is configured with the AllowAnonymous attribute to enable anyone to attempt to log in. The first thing we'll need is a list of users. For this, I've created a simple dictionary of username:password combinations in a user_vault.json file, which we can access with a static UserVault class. The UserVault class then exposes a simple method for checking whether a username:password combination exists in our user database. So, let's let user_vault.json be defined as follows:

{    "aladdin": "open_sesame", "dr_suess": "green_eggs_and_ham", ...

Get Hands-On Network Programming with C# and .NET Core now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.