Mihir.AspNetCore.Authentication.Basic 2.0.1

This NuGet package has been made obsolete and moved to a new package named 'AspNetCore.Authentication.Basic'. Please consider removing this package and download the new one as there will be no future updates on this package. Sorry for the inconvenience caused. This was done purely for the naming of the package. New package name is 'AspNetCore.Authentication.Basic' which can be downloaded using NuGet Package Manager or from AspNetCore.Authentication.Basic.

Easy to use and very light weight Microsoft style Basic Scheme Authentication Implementation for ASP.NET Core.

Suggested Alternatives

AspNetCore.Authentication.Basic

Additional Details

This NuGet package has been made obsolete and moved to a new package named 'AspNetCore.Authentication.Basic'. Please consider removing this package and download the new one as there will be no future updates on this package. Sorry for the inconvenience caused. This was done purely for the naming of the package. New package name is 'AspNetCore.Authentication.Basic' which can be downloaded using NuGet Package Manager or from AspNetCore.Authentication.Basic.

Install-Package Mihir.AspNetCore.Authentication.Basic -Version 2.0.1
dotnet add package Mihir.AspNetCore.Authentication.Basic --version 2.0.1
<PackageReference Include="Mihir.AspNetCore.Authentication.Basic" Version="2.0.1" />
For projects that support PackageReference, copy this XML node into the project file to reference the package.
paket add Mihir.AspNetCore.Authentication.Basic --version 2.0.1
The NuGet Team does not provide support for this client. Please contact its maintainers for support.

AspNetCore.Authentication.Basic

Easy to use and very light weight Microsoft style Basic Scheme Authentication Implementation for ASP.NET Core.

View On GitHub

Installing

This library is published on NuGet. So the NuGet package can be installed directly to your project if you wish to use it without making any custom changes to the code.

Download directly from below link. Please consider downloading the new package as the old one has been made obsolete.
New Package link - AspNetCore.Authentication.Basic.
Old Package link - Mihir.AspNetCore.Authentication.Basic.

Or by running the below command on your project.

PM> Install-Package AspNetCore.Authentication.Basic

Example Usage

Setting it up is quite simple. You will need basic working knowledge of ASP.NET Core 2.2 or newer to get started using this code.

On Startup.cs, as shown below, add 2 lines in ConfigureServices method services.AddAuthentication(BasicDefaults.AuthenticationScheme).AddBasic&lt;BasicUserValidationService&gt;(options =&gt; { options.Realm = &quot;My App&quot;; });. And a line app.UseAuthentication(); in Configure method.

Also add an implementation of IBasicUserValidationService as shown below in BasicUserValidationService.cs.

NOTE: Always use HTTPS (SSL Certificate) protocol in production when using Basic authentication.

Startup.cs (ASP.NET Core 3.0 or newer)
using AspNetCore.Authentication.Basic;
public class Startup
{
	public Startup(IConfiguration configuration)
	{
		Configuration = configuration;
	}

	public IConfiguration Configuration { get; }

	public void ConfigureServices(IServiceCollection services)
	{
		// Add the Basic scheme authentication here..
		// AddBasic extension takes an implementation of IBasicUserValidationService for validating the username and password. 
		// It also requires Realm to be set in the options.
		services.AddAuthentication(BasicDefaults.AuthenticationScheme)
			.AddBasic<BasicUserValidationService>(options => { options.Realm = "My App"; });

		services.AddControllers();

		//// By default, authentication is not challenged for every request which is ASP.NET Core's default intended behaviour.
		//// So to challenge authentication for every requests please use below option instead of above services.AddControllers().
		//services.AddControllers(options => 
		//{
		//	options.Filters.Add(new AuthorizeFilter(new AuthorizationPolicyBuilder().RequireAuthenticatedUser().Build()));
		//});
	}

	public void Configure(IApplicationBuilder app, IHostingEnvironment env)
	{
		app.UseHttpsRedirection();

		// The below order of pipeline chain is important!
		app.UseRouting();

		app.UseAuthentication();
		app.UseAuthorization();

		app.UseEndpoints(endpoints =>
		{
			endpoints.MapControllers();
		});
	}
}
Startup.cs (ASP.NET Core 2.2)
using AspNetCore.Authentication.Basic;
public class Startup
{
	public Startup(IConfiguration configuration)
	{
		Configuration = configuration;
	}

	public IConfiguration Configuration { get; }

	public void ConfigureServices(IServiceCollection services)
	{
		// Add the Basic scheme authentication here..
		// AddBasic extension takes an implementation of IBasicUserValidationService for validating the username and password. 
		// It also requires Realm to be set in the options.
		services.AddAuthentication(BasicDefaults.AuthenticationScheme)
			.AddBasic<BasicUserValidationService>(options => { options.Realm = "My App"; });

		services.AddMvc();

		//// By default, authentication is not challenged for every request which is ASP.NET Core's default intended behaviour.
		//// So to challenge authentication for every requests please use below option instead of above services.AddMvc().
		//services.AddMvc(options => 
		//{
		//	options.Filters.Add(new AuthorizeFilter(new AuthorizationPolicyBuilder().RequireAuthenticatedUser().Build()));
		//});
	}

	public void Configure(IApplicationBuilder app, IHostingEnvironment env)
	{
		app.UseAuthentication();
		app.UseMvc();
	}
}
BasicUserValidationService.cs
using AspNetCore.Authentication.Basic;
public class BasicUserValidationService : IBasicUserValidationService
{
	private readonly ILogger<BasicUserValidationService> _logger;
	
	public BasicUserValidationService(ILogger<BasicUserValidationService> logger)
	{
		_logger = logger;
	}

	public Task<bool> IsValidAsync(string username, string password)
	{
		try
		{
			// write your implementation here and return true or false depending on the validation..
			return Task.FromResult(true);
		}
		catch (Exception e)
		{
			_logger.LogError(e, e.Message);
			throw;
		}
	}
}

Additional Notes

Please note that, by default, with ASP.NET Core, all the requests are not challenged for authentication. So don't worry if your BasicUserValidationService is not hit when you don't pass the required basic authentication details with the request. It is a normal behaviour. ASP.NET Core challenges authentication only when it is specifically told to do so either by decorating controller/method with [Authorize] filter attribute or by some other means.

However, if you want all the requests to challenge authentication by default, depending on what you are using, you can add the below options line to ConfigureServices method on Startup class.

services.AddControllers(options => 
{ 
    options.Filters.Add(new AuthorizeFilter(new AuthorizationPolicyBuilder().RequireAuthenticatedUser().Build()));
});

// OR

services.AddMvc(options => 
{
    options.Filters.Add(new AuthorizeFilter(new AuthorizationPolicyBuilder().RequireAuthenticatedUser().Build()));
});

If you are not using MVC but, using Endpoints on ASP.NET Core 3.0 or newer, you can add a chain method .RequireAuthorization() to the endpoint map under Configure method on Startup class as shown below.

app.UseEndpoints(endpoints =>
{
    endpoints.MapGet("/", async context =>
    {
        await context.Response.WriteAsync("Hello World!");
    }).RequireAuthorization();  // NOTE THIS HERE!!!! 
});

References

License

MIT License

AspNetCore.Authentication.Basic

Easy to use and very light weight Microsoft style Basic Scheme Authentication Implementation for ASP.NET Core.

View On GitHub

Installing

This library is published on NuGet. So the NuGet package can be installed directly to your project if you wish to use it without making any custom changes to the code.

Download directly from below link. Please consider downloading the new package as the old one has been made obsolete.
New Package link - AspNetCore.Authentication.Basic.
Old Package link - Mihir.AspNetCore.Authentication.Basic.

Or by running the below command on your project.

PM> Install-Package AspNetCore.Authentication.Basic

Example Usage

Setting it up is quite simple. You will need basic working knowledge of ASP.NET Core 2.2 or newer to get started using this code.

On Startup.cs, as shown below, add 2 lines in ConfigureServices method services.AddAuthentication(BasicDefaults.AuthenticationScheme).AddBasic&lt;BasicUserValidationService&gt;(options =&gt; { options.Realm = &quot;My App&quot;; });. And a line app.UseAuthentication(); in Configure method.

Also add an implementation of IBasicUserValidationService as shown below in BasicUserValidationService.cs.

NOTE: Always use HTTPS (SSL Certificate) protocol in production when using Basic authentication.

Startup.cs (ASP.NET Core 3.0 or newer)
using AspNetCore.Authentication.Basic;
public class Startup
{
	public Startup(IConfiguration configuration)
	{
		Configuration = configuration;
	}

	public IConfiguration Configuration { get; }

	public void ConfigureServices(IServiceCollection services)
	{
		// Add the Basic scheme authentication here..
		// AddBasic extension takes an implementation of IBasicUserValidationService for validating the username and password. 
		// It also requires Realm to be set in the options.
		services.AddAuthentication(BasicDefaults.AuthenticationScheme)
			.AddBasic<BasicUserValidationService>(options => { options.Realm = "My App"; });

		services.AddControllers();

		//// By default, authentication is not challenged for every request which is ASP.NET Core's default intended behaviour.
		//// So to challenge authentication for every requests please use below option instead of above services.AddControllers().
		//services.AddControllers(options => 
		//{
		//	options.Filters.Add(new AuthorizeFilter(new AuthorizationPolicyBuilder().RequireAuthenticatedUser().Build()));
		//});
	}

	public void Configure(IApplicationBuilder app, IHostingEnvironment env)
	{
		app.UseHttpsRedirection();

		// The below order of pipeline chain is important!
		app.UseRouting();

		app.UseAuthentication();
		app.UseAuthorization();

		app.UseEndpoints(endpoints =>
		{
			endpoints.MapControllers();
		});
	}
}
Startup.cs (ASP.NET Core 2.2)
using AspNetCore.Authentication.Basic;
public class Startup
{
	public Startup(IConfiguration configuration)
	{
		Configuration = configuration;
	}

	public IConfiguration Configuration { get; }

	public void ConfigureServices(IServiceCollection services)
	{
		// Add the Basic scheme authentication here..
		// AddBasic extension takes an implementation of IBasicUserValidationService for validating the username and password. 
		// It also requires Realm to be set in the options.
		services.AddAuthentication(BasicDefaults.AuthenticationScheme)
			.AddBasic<BasicUserValidationService>(options => { options.Realm = "My App"; });

		services.AddMvc();

		//// By default, authentication is not challenged for every request which is ASP.NET Core's default intended behaviour.
		//// So to challenge authentication for every requests please use below option instead of above services.AddMvc().
		//services.AddMvc(options => 
		//{
		//	options.Filters.Add(new AuthorizeFilter(new AuthorizationPolicyBuilder().RequireAuthenticatedUser().Build()));
		//});
	}

	public void Configure(IApplicationBuilder app, IHostingEnvironment env)
	{
		app.UseAuthentication();
		app.UseMvc();
	}
}
BasicUserValidationService.cs
using AspNetCore.Authentication.Basic;
public class BasicUserValidationService : IBasicUserValidationService
{
	private readonly ILogger<BasicUserValidationService> _logger;
	
	public BasicUserValidationService(ILogger<BasicUserValidationService> logger)
	{
		_logger = logger;
	}

	public Task<bool> IsValidAsync(string username, string password)
	{
		try
		{
			// write your implementation here and return true or false depending on the validation..
			return Task.FromResult(true);
		}
		catch (Exception e)
		{
			_logger.LogError(e, e.Message);
			throw;
		}
	}
}

Additional Notes

Please note that, by default, with ASP.NET Core, all the requests are not challenged for authentication. So don't worry if your BasicUserValidationService is not hit when you don't pass the required basic authentication details with the request. It is a normal behaviour. ASP.NET Core challenges authentication only when it is specifically told to do so either by decorating controller/method with [Authorize] filter attribute or by some other means.

However, if you want all the requests to challenge authentication by default, depending on what you are using, you can add the below options line to ConfigureServices method on Startup class.

services.AddControllers(options => 
{ 
    options.Filters.Add(new AuthorizeFilter(new AuthorizationPolicyBuilder().RequireAuthenticatedUser().Build()));
});

// OR

services.AddMvc(options => 
{
    options.Filters.Add(new AuthorizeFilter(new AuthorizationPolicyBuilder().RequireAuthenticatedUser().Build()));
});

If you are not using MVC but, using Endpoints on ASP.NET Core 3.0 or newer, you can add a chain method .RequireAuthorization() to the endpoint map under Configure method on Startup class as shown below.

app.UseEndpoints(endpoints =>
{
    endpoints.MapGet("/", async context =>
    {
        await context.Response.WriteAsync("Hello World!");
    }).RequireAuthorization();  // NOTE THIS HERE!!!! 
});

References

License

MIT License

Release Notes

This NuGet package has been made obsolete and moved to a new package named 'AspNetCore.Authentication.Basic'. Please consider removing this package and download the new one as there will be no future updates on this package. Sorry for the inconvenience caused. This was done purely for the naming of the package. New package name is 'AspNetCore.Authentication.Basic' which can be downloaded using NuGet Package Manager or from AspNetCore.Authentication.Basic.

GitHub repositories (0)

This package is not used by any popular GitHub repositories.

Version History

Version Downloads Last updated
2.0.1 168 12/18/2019
2.0.0 123 10/25/2019
1.0.2 638 3/23/2018
1.0.1 498 3/23/2018
1.0.0 397 3/22/2018