Monthly Archives: May 2017

Anti-Forgery Validation with ASP.NET Core MVC and Angular

May 9, 2017 · by · in .NET Core, angular, ASP.NET Core, ASPNET5, dotnet, Security · 11 Comments

This article shows how API requests from an Angular SPA inside an ASP.NET Core MVC application can be protected against XSRF by adding an anti-forgery cookie. This is required, if using Angular, when using cookies to persist the auth token. Code: https://github.com/damienbod/AspNetCoreMvcAngular Blogs in this Series Using Angular in an ASP.NET Core View with Webpack […]

Secure ASP.NET Core MVC with Angular using IdentityServer4 OpenID Connect Hybrid Flow

May 6, 2017 · by · in .NET, .NET Core, angular, ASP.NET Core, ASPNET5, dotnet, MVC, OAuth2, Security, Typescript · 20 Comments

This article shows how an ASP.NET Core MVC application using Angular in the razor views can be secured using IdentityServer4 and the OpenID Connect Hybrid Flow. The user interface uses server side rendering for the MVC views and the Angular app is then implemented in the razor view. The required security features can be added […]

Using Angular in an ASP.NET Core View with Webpack

May 2, 2017 · by · in .NET, .NET Core, angular, ASP.NET Core, ASPNET5 · 7 Comments

This article shows how Angular can be run inside an ASP.NET Core MVC view using Webpack to build the Angular application. By using Webpack, the Angular application can be built using the AOT and Angular lazy loading features and also profit from the advantages of using a server side rendered view. If you prefer to […]