Securing ASP.NET Core APIs with Custom Authentication Middleware and IP Restriction Middleware
Andrew Chaa has been working on authentication and security for last coulple of years and currently works at GSA Capital as Senior Software Enginner
ASP.NET Core is the low-overhead, high-performance counterpart to the .NET Framework’s ASP.NET. In this session, we will cover fundamental concepts of security and will secure our APIs by implementing authentication and authorization middleware.
The Internet is like wild west with hackers and crackers, and we can't leave our hard-worked apis vulnerable online. Let's secuire out apis endpoints with various techniques. It's also very interesting and rewarding to understand web security. The session will break down like the followings:
- How SSL works and how to set up HTTPS on Kestrel server
- What is Middleware and what are the benefits
- Let's restrict the access to our APIs with authentication and authorization
- Another layer of security. IP restriction