Tech Seeker

Part3  we had enabled the JWT token validation and discussed different authorization techniques as well. In this article, we will understand Refresh Token creation and its usage. When To Use Refresh Token: A refresh token is a unique random encrypted string. On the expiration of the JWT auth access token, instead of showing a login page to the user, we can make the user authenticated immediately using the refresh token. By using refresh token we can fetch new user access tokens from the server without any user credentials. Generate Refresh Token: In 'AuthLogic.cs' file add a new private method like 'GenerateRefreshToken()'. Logics/AuthLogics.cs: private string GenerateRefreshToken() { var randomNumber = new byte[32]; using (var generator = RandomNumberGenerator.Create()) { generator.GetBytes(randomNumber); return Convert.ToBase64String(randomNumber); } } Here using 'System.Security.Cryptography.RandomNumberGenerator' generated refresh token of leng

Part2  we had generated a JWT access token for the user authentication. In this article, we are going to validate the JWT access token and also understand different techniques of Authorization. Install JwtBearer NuGet: To enable jwt token validation service we have to install JwtBearer NuGet. Package Manager Command: Install-Package Microsoft.AspNetCore.Authentication.JwtBearer -Version 5.0.4 .Net CLI Command: dotnet add package Microsoft.AspNetCore.Authentication.JwtBearer --version 5.0.4 Register JwtBearer Service: In the 'Startup.cs' file, we should register our JwtBearer validation service. Startup.cs: services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme) .AddJwtBearer(options => { var tokenSettings = Configuration .GetSection("TokenSettings").Get<TokenSettings>(); options.TokenValidationParameters = new TokenValidationParameters { ValidIssuer = tokenSettings.Issuer, ValidateIssuer = true, ValidAudience = tokenSettings.Audienc

Part1  discussed user registration. In this article, we are going to implement logic to generate the JWT access token in the Hot Chocolate GraphQL. Overview On JWT(JSON Web Token): JSON Web Token is a digitally signed and secured token for user validation. The jwt is constructed with 3 informative parts: Header Payload Signature Install JWT NuGet: Package Manager Command: Install-Package System.IdentityModel.Tokens.Jwt -Version 6.9.0 .Net CLI Command: dotnet add package System.IdentityModel.Tokens.Jwt --version 6.9.0 Add Token Settings: While generating the JWT access token, few token-specific settings need to be specified. appsettings.Development.json: "TokenSettings":{ "Issuer":"localhost:5001", "Audience":"js.app.com", "Key":"SomeRandomlyGeneratedStringSomeRandomlyGeneratedString" } The 'Issuer' is like the identification of the server that generated the token. In access token 'iss'

About The Series: Using Pure Code First Technique In Hot Chocolate GraphQL, Custom Authentication Series: Part1 User Registration Resolver Part2 Generating JWT Access Token For User Authentication. Part3 Validating JWT Access Token And Different Authorization Techniques Part4 Generating Refresh Token. So this our Part-1 of the series where we are going to create a sample in GraphQL for user registration. SQL Tables: Create 2 tables like 'User' and 'UserRoles'. User Table: CREATE TABLE [dbo].[User]( [UserId] [int] IDENTITY(1,1) NOT NULL, [FirstName] [varchar](192) NULL, [LastName] [varchar](192) NULL, [EmailAddress] [varchar](192) NOT NULL, [Password] [varchar](640) NOT NULL, [RefreshToken] [varchar](640) NULL, [RefershTokenExpiration] [datetime] NULL, CONSTRAINT [PK_User] PRIMARY KEY CLUSTERED ( [UserId] ASC )WITH (PAD_INDEX = OFF, STATISTICS_NORECOMPUTE = OFF, IGNORE_DUP_KEY = OFF, ALLOW_ROW_LOCKS = ON, ALLOW_PAGE_LOCKS = ON) ON [PRIMARY] ) ON [PRIMARY

In this article, we are going to understand Hot Chocolate GraphQL implementation in pure code first approach. GraphQL: GraphQL is an open-source data query and manipulation and language for APIs. It is a query language for your API and a server-side runtime for executing queries by using a type system you define for your data. GraphQL can be integrated into any framework like .Net, Java, NestJS, etc and it isn't tied to any specific database or storage engine and instead backed by your existing code and data. GraphQL 2 main operations: Query(fetching data) Mutation(saving or updating data) An Overview On GraphQL SDL(Schema Definition Language): In GraphQL queries or mutations made up of Schema Definition Language. This SDL syntax looks similar to a javascript object. But as a c# developer no need to learn this SDL, Hot Chocolate library makes our learning path very easy in this case. So this section is to get the basic idea of the SDL. GraphQL schema objects are created by usin

How GraphQL Extending Object Types Helps?: In GraphQL two major operations are 'Queries' and 'Mutations'.  So when we think from the code point of view all query-related logics maintain in one file and all mutation-related logics are maintained in another file. That's because GraphQL schema can't accept multiple 'Queries' and 'Mutations'. But it is a very tedious job to maintain whole business logic in just 2 files(1Query and 1 Mutation file). So to make it simple GraphQL has one technique called 'extend'. The 'extend' GraphQL schema gives us the flexibility to extend the main 'Query' or 'Mutation' which means we can have sub Queries or Mutation those derived from the parent. On execution time everything merged as a single Query or Mutation schema. Hot Chocolate GraphQL Extending Approaches: Extending Object Types can be done in 2 different approaches: Code First Pure Code First Code First: In the code first ap