Search code examples
c#asp.netaspnetboilerplate

ASP.NET Boilerplate multiple services

Good Morning,

I am trying to understand the right way to extend ASP.Net Boilerplate, to create multiple web service that use the same authentication and authorization such as JWT, and the underlying framework.

For example I want to build the main Web API to have starting endpoints on /api/webapp1 Second service to start on/api/webapp2 Third service to start on/api/webapp3 Fourth service to start on /api/webapp4 - Maybe this needs to run on .Net standard rather than core?

I don't want to build a monolithic web application as I may want one or some of my web services to run on Windows as it may have dependencies, whereas the rest of the codebase could run on Linux etc.

What is best way scaffold the application and the projects? I am trying to minimise on Code duplication (DRY). My current thought process is to replicate the web.host project but should I create a separate web service that completely manages Authentication?

Solution

  • Create four .NET 5.0 WebApis, you can run them both on Linux and Windows. And when it comes to authentication it's really easy to implement basic JWT with literally six lines in each service assuming that you're using Open Id Connect.

    services
    .AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
    .AddJwtBearer(o =>
    {
        o.Authority = "https://localhost:5001";
    });

    You're just pointing Authentication Middleware to your Open Id Connect server by setting up Authority and that's all. It will validate tokens for you and populate ClaimsPrincipal. .NET 5.0 and .NET Core are full of such easy configurations for cross-cutting concerns, so that's why I say you can easily split up your app into four APIs and still conform to DRY. Adding an additional project for shared stuff is a good idea too, but just don't add too much to it, so the entire system won't degrade to a monolith disguising distributed system.

    should I create a separate web service that completely manages Authentication?

    It's a good idea I would take it even far beyond and recommend not doing sign-in logic, storing passwords etc. by yourself, but using some existing solution that implements Open Id Connect like IdentityServer4 or KeyCloack.

    If you want to have all these applications under the same address behind e.g. /api route. You can use Ocelot as your API gateway.

    Btw you can't run your API on .netstandard it must be Framework, Core or 5.0.