AspNetCore.Authentication.Basic
6.0.1
.NET 5.0
This package targets .NET 5.0. The package is compatible with this framework or higher.
.NET Core 3.0
This package targets .NET Core 3.0. The package is compatible with this framework or higher.
.NET Standard 2.0
This package targets .NET Standard 2.0. The package is compatible with this framework or higher.
.NET Framework 4.6.1
This package targets .NET Framework 4.6.1. The package is compatible with this framework or higher.
There is a newer version of this package available.
See the version list below for details.
See the version list below for details.
dotnet add package AspNetCore.Authentication.Basic --version 6.0.1
NuGet\Install-Package AspNetCore.Authentication.Basic -Version 6.0.1
This command is intended to be used within the Package Manager Console in Visual Studio, as it uses the NuGet module's version of Install-Package.
<PackageReference Include="AspNetCore.Authentication.Basic" Version="6.0.1" />
For projects that support PackageReference, copy this XML node into the project file to reference the package.
paket add AspNetCore.Authentication.Basic --version 6.0.1
The NuGet Team does not provide support for this client. Please contact its maintainers for support.
#r "nuget: AspNetCore.Authentication.Basic, 6.0.1"
#r directive can be used in F# Interactive and Polyglot Notebooks. Copy this into the interactive tool or source code of the script to reference the package.
// Install AspNetCore.Authentication.Basic as a Cake Addin #addin nuget:?package=AspNetCore.Authentication.Basic&version=6.0.1 // Install AspNetCore.Authentication.Basic as a Cake Tool #tool nuget:?package=AspNetCore.Authentication.Basic&version=6.0.1
The NuGet Team does not provide support for this client. Please contact its maintainers for support.
Example Usage
Samples are available on GitHub.
Setting it up is quite simple. You will need basic working knowledge of ASP.NET Core 2.0 or newer to get started using this library.
There are 2 different ways of using this library to do it's job. Both ways can be mixed if required.
1] Using the implementation of IBasicUserValidationService
2] Using BasicOptions.Events (OnValidateCredentials delegate) which is same approach you will find on Microsoft's authentication libraries
Notes:
- It requires Realm to be set in the options if SuppressWWWAuthenticateHeader is not set.
- If an implementation of IBasicUserValidationService interface is used as well as BasicOptions.Events.OnValidateCredentials delegate is also set then this delegate will be used first.
Always use HTTPS (SSL Certificate) protocol in production when using basic authentication.
Startup.cs (ASP.NET Core 3.0 onwards)
using AspNetCore.Authentication.Basic;
public class Startup
{
public void ConfigureServices(IServiceCollection services)
{
// It requires Realm to be set in the options if SuppressWWWAuthenticateHeader is not set.
// If an implementation of IBasicUserValidationService interface is used as well as options.Events.OnValidateCredentials delegate is also set then this delegate will be used first.
services.AddAuthentication(BasicDefaults.AuthenticationScheme)
// The below AddBasic without type parameter will require options.Events.OnValidateCredentials delegete to be set.
//.AddBasic(options => { options.Realm = "My App"; });
// The below AddBasic with type parameter will add the BasicUserValidationService to the dependency container.
.AddBasic<BasicUserValidationService>(options => { options.Realm = "My App"; });
services.AddControllers();
//// By default, authentication is not challenged for every request which is ASP.NET Core's default intended behaviour.
//// So to challenge authentication for every requests please use below FallbackPolicy option.
//services.AddAuthorization(options =>
//{
// options.FallbackPolicy = new AuthorizationPolicyBuilder().RequireAuthenticatedUser().Build();
//});
}
public void Configure(IApplicationBuilder app, IHostingEnvironment env)
{
app.UseHttpsRedirection();
// The below order of pipeline chain is important!
app.UseRouting();
app.UseAuthentication();
app.UseAuthorization();
app.UseEndpoints(endpoints =>
{
endpoints.MapControllers();
});
}
}
Startup.cs (ASP.NET Core 2.0 onwards)
using AspNetCore.Authentication.Basic;
public class Startup
{
public void ConfigureServices(IServiceCollection services)
{
// It requires Realm to be set in the options if SuppressWWWAuthenticateHeader is not set.
// If an implementation of IBasicUserValidationService interface is used as well as options.Events.OnValidateCredentials delegate is also set then this delegate will be used first.
services.AddAuthentication(BasicDefaults.AuthenticationScheme)
// The below AddBasic without type parameter will require options.Events.OnValidateCredentials delegete to be set.
//.AddBasic(options => { options.Realm = "My App"; });
// The below AddBasic with type parameter will add the BasicUserValidationService to the dependency container.
.AddBasic<BasicUserValidationService>(options => { options.Realm = "My App"; });
services.AddMvc();
//// By default, authentication is not challenged for every request which is ASP.NET Core's default intended behaviour.
//// So to challenge authentication for every requests please use below option instead of above services.AddMvc().
//services.AddMvc(options =>
//{
// options.Filters.Add(new AuthorizeFilter(new AuthorizationPolicyBuilder().RequireAuthenticatedUser().Build()));
//});
}
public void Configure(IApplicationBuilder app, IHostingEnvironment env)
{
app.UseAuthentication();
app.UseMvc();
}
}
BasicUserValidationService.cs
using AspNetCore.Authentication.Basic;
public class BasicUserValidationService : IBasicUserValidationService
{
private readonly ILogger<BasicUserValidationService> _logger;
private readonly IUserRepository _userRepository;
public BasicUserValidationService(ILogger<BasicUserValidationService> logger, IUserRepository userRepository)
{
_logger = logger;
_userRepository = userRepository;
}
public async Task<bool> IsValidAsync(string username, string password)
{
try
{
// NOTE: DO NOT USE THIS IMPLEMENTATION. THIS IS FOR DEMO PURPOSE ONLY
// Write your implementation here and return true or false depending on the validation..
var user = await _userRepository.GetUserByUsername(username);
var isValid = user != null && user.Password == password;
return isValid;
}
catch (Exception e)
{
_logger.LogError(e, e.Message);
throw;
}
}
}
Configuration (BasicOptions)
Realm
Required to be set if SuppressWWWAuthenticateHeader is not set to true. It is used with WWW-Authenticate response header when challenging un-authenticated requests.
SuppressWWWAuthenticateHeader
Default value is false.
If set to true, it will NOT return WWW-Authenticate response header when challenging un-authenticated requests.
If set to false, it will return WWW-Authenticate response header when challenging un-authenticated requests.
IgnoreAuthenticationIfAllowAnonymous (available on ASP.NET Core 3.0 onwards)
Default value is false.
If set to true, it checks if AllowAnonymous filter on controller action or metadata on the endpoint which, if found, it does not try to authenticate the request.
Events
The object provided by the application to process events raised by the basic authentication middleware.
The application may implement the interface fully, or it may create an instance of BasicEvents and assign delegates only to the events it wants to process.
OnValidateCredentials
OnAuthenticationSucceeded
OnAuthenticationFailed
OnHandleChallenge
OnHandleForbidden
| Product | Versions Compatible and additional computed target framework versions. |
|---|---|
| .NET | net5.0 is compatible. net5.0-windows was computed. net6.0 is compatible. net6.0-android was computed. net6.0-ios was computed. net6.0-maccatalyst was computed. net6.0-macos was computed. net6.0-tvos was computed. net6.0-windows was computed. net7.0 was computed. net7.0-android was computed. net7.0-ios was computed. net7.0-maccatalyst was computed. net7.0-macos was computed. net7.0-tvos was computed. net7.0-windows was computed. net8.0 was computed. net8.0-android was computed. net8.0-browser was computed. net8.0-ios was computed. net8.0-maccatalyst was computed. net8.0-macos was computed. net8.0-tvos was computed. net8.0-windows was computed. |
| .NET Core | netcoreapp2.0 was computed. netcoreapp2.1 was computed. netcoreapp2.2 was computed. netcoreapp3.0 is compatible. netcoreapp3.1 is compatible. |
| .NET Standard | netstandard2.0 is compatible. netstandard2.1 was computed. |
| .NET Framework | net461 is compatible. net462 was computed. net463 was computed. net47 was computed. net471 was computed. net472 was computed. net48 was computed. net481 was computed. |
| MonoAndroid | monoandroid was computed. |
| MonoMac | monomac was computed. |
| MonoTouch | monotouch was computed. |
| Tizen | tizen40 was computed. tizen60 was computed. |
| Xamarin.iOS | xamarinios was computed. |
| Xamarin.Mac | xamarinmac was computed. |
| Xamarin.TVOS | xamarintvos was computed. |
| Xamarin.WatchOS | xamarinwatchos was computed. |
Compatible target framework(s)
Included target framework(s) (in package)
Learn more about Target Frameworks and .NET Standard.
-
.NETCoreApp 3.0
- No dependencies.
-
.NETCoreApp 3.1
- No dependencies.
-
.NETFramework 4.6.1
- Microsoft.AspNetCore.Authentication (>= 2.2.0)
-
.NETStandard 2.0
- Microsoft.AspNetCore.Authentication (>= 2.2.0)
-
net5.0
- No dependencies.
-
net6.0
- No dependencies.
NuGet packages (1)
Showing the top 1 NuGet packages that depend on AspNetCore.Authentication.Basic:
| Package | Downloads |
|---|---|
|
VIQCoreNet
ASP.NET WEB Service Framework |
GitHub repositories (1)
Showing the top 1 popular GitHub repositories that depend on AspNetCore.Authentication.Basic:
| Repository | Stars |
|---|---|
|
rnwood/smtp4dev
smtp4dev - the fake smtp email server for development and testing
|
- net6.0 support added
- Information log on handler is changed to Debug log when IgnoreAuthenticationIfAllowAnonymous is enabled
- Readme updated
- Copyright year updated on License