Note from the Developer: This is a very early release and this process will improve over time! Please let me know if you have any constructive feedback. Also note that these instructions are for installation on Windows environments.
The following software packages are required to follow along with this documentation:
- Microsoft .NET Framework 9
- Microsoft SQL Server (any edition) - For this documentation we will be using the free Express Edition.
- SQL Server Management Studio (SSMS) - Used for creating the database.
- NodeJS
- Create a
c:\SmtpPickupdirectory on your computer. Simulated registration and password recovery emails will be caught in this folder.
git clone https://github.com/lymestack/SimpleAuth4Net.git
cd SimpleAuth4Net
First start by replacing the value of the TokenSecret config setting in the App Settings file with randomly generated 64 byte (or more) secret.
To generate a random secret, you can use the provided Powershell or Python scripts.
In Powershell:
Note: In Powershell, per this article, you will need to run this Powershell command on your computer prior to running the next command:
Set-ExecutionPolicy -ExecutionPolicy Unrestricted -Scope CurrentUser
.\generate-token-secret.ps1In Python:
python generate-token-secret.pySample Output:
Generating a secure TOKEN_SECRET...
TOKEN_SECRET: 9as8ma2iRGZypKiAGdivENIQ1lMEqJsmtMQ25J8A/W0SKoqVu11IeWLkG1nYypgoOSFY3DIFqOshK57HZMLI6g==
Copy the above TOKEN_SECRET and use it in your application.
Copy the TOKEN_SECRET value generated by the program and paste that value into the AuthSettings:TokenSecret node in the WebApi/WebApi/appsettings.json App Settings file.
Note: If you are following along in a non-Windows environment, you'll need to run SQL Server for Linux either natively on a Linux instance or within a Docker container.
- Open SSMS and connect to the
.\SQLEXPRESSinstance. - Create a new database or pick an existing database. For this doc, we are creating a new database called
SimpleAuth. - Right click the new database and select the "New Query" option.
- Copy the contents of the file
CreateDb.sql(located in the repo root directory) into the query window and press F5 to run the query.
There is more than one way to go about this. For this tutorial, there are two ways that will be recommended.
- Run the
Run.batfile in your repository root. This will open two terminal windows that automate the steps described in the Manual Start instructions below. At this point you should see the home page of the Angular App and you can skip ahead to Step 5.
Follow the following steps to run the app manually.
Open a new command window in the WebApi folder located in root of the repo.
dotnet run --project WebApiIn your browser, navigate to: https://localhost:7214/AppConfig
At this point you should see JSON configuration data and the API should be up and running.
There are currently 3 sample SPA apps that can authenticate with the API - Angular, react and VueJS. Currently, the Angular version is the most polished of the implementations whereas the React and Vue apps are more simplistic and academic in nature. The Angular client app also includes UI to administer users and roles. This guide only covers getting the Angular app up and running, but instructions to run the React and Vue apps are on their respective documentation pages.
Open another command window in ng-app folder located in the root of the repo
npm install
npm startIn your browser, navigate to: http://localhost:4200
At this point you should see the home page of the Angular App.
- Once the app loads, click the "Test Secure Resource" button to demonstrate an attempt to reach a secure endpoint on the API. You should receive a red error message indicating that the resource could not be accessed.
- On the home page, click the "Login" button and then the "Register" button.
- Fill out your information and click the Submit button. By default, the first user created in the system will be given "Admin" role access.
- Click the "Login" link.
- Enter the credentials you just created.
- After logging in, click the "Test Secure Resource" button. You should receive a success message saying that the endpoint worked.
That's it! At this point, you should have Auth up and running on your local machine!
Instructions for configuring this can be found on the Google SSO page.