C
C#2w ago
Oleex

Authorization with Identity

Hey, I'm currently coding an API in ASP.Net Core and am trying to implement a delete endpoint. The entity that gets deleted (a character) belongs to a player, so only that player should be able to delete. Now my question is, how does the endpoint know, which player/user is accessing it? I coded the JWT Generation following a tutorial a while back and I don't know how it works anymore. ChatGPT said something like I should include the playerID in the claims.. here some screenshot of my code (hopefully in order: JWT Generation, Endpoint, Service, Repository)
No description
No description
No description
No description
3 Replies
Arjix
Arjix2w ago
to clarify, you want to know how to check the claims from the controller? since you have the username/email in the claims, you can retrieve the player from the database, and use their id to remove the character what do you have trouble with, specifically?
Dyda
Dyda2w ago
in JWT you should include information about userID from database then deserialize JWT and create something like userSession class. It's one of the way
Unknown User
Unknown User2w ago
Message Not Public
Sign In & Join Server To View

Did you find this page helpful?