I'm going to write two applications. First will be web application in .NET Core 2.0 and the second will be desktop application written in ElectronJs (it should be cross platform).
I need one system login. I read about OAuth2 but I'm not sure if it is good for web applications.
I can write my own server authentication in .NET Core in Web Api but after that user and password will be send from Electron through internet each time when I will be need check if user is authenticated.
So the better way is to do OAuth2 and one window to login that will be added to web application in .NET Core and in to Electron. And then I will be check with token if user is authenticated. Is it a good solution?
You should end up developing these components:
Meanwhile you'll need to decide on a third party Authorization Server component. You would not code this yourself:
BLOG + CODE SAMPLES
It is quite tricky to get the OAuth apps coded to a good level, but I have a visual blog and some code samples based on my company's implementation.
Readers can just browse it and look at screenshots to understand the main issues, and to save themselves some work.
BASIC INTERACTION
The below links show how the above components would work together:
DESKTOP APPS
Desktop apps are tricky to understand - the recommendation is to open the system browser. I have a couple of samples using Electron - maybe start here: