Joao Grassi’s Blog

My errands in software development. Mostly .NET stuff, with a bit of front-end here and there.
Padlock on a wooden door

Adding integration tests for permission-protected API endpoints in ASP.NET Core

This is the forth post in the Authorization in ASP.NET Core series. Part 1: Using a middleware to build a permission-based identity in ASP.NET Core Part 2: Deep dive into policy-based authorization in ASP.NET Core Part 3: Protecting your API endpoints with dynamic policies in ASP.NET Core Part 4: Adding integration tests for permission-protected API endpoints in ASP.NET Core (this post) In the previous post I demonstrated an approach to add authorization to our API endpoints....

Brick wall

Protecting your API endpoints with dynamic policies in ASP.NET Core

This is the third post in the Authorization in ASP.NET Core series. Part 1: Using a middleware to build a permission-based identity in ASP.NET Core Part 2: Deep dive into policy-based authorization in ASP.NET Core Part 3: Protecting your API endpoints with dynamic policies in ASP.NET Core (this post) Part 4: Adding integration tests for permission-protected API endpoints in ASP.NET Core In this post, we’ll come full circle. I’ll show you how to put everything together and start authorizing API endpoints with permissions....

Blue jelly fishes in deep ocean

Deep dive into policy-based authorization in ASP.NET Core

This is the second post in the Authorization in ASP.NET Core series. Part 1: Using a middleware to build a permission-based identity in ASP.NET Core Part 2: Deep dive into policy-based authorization in ASP.NET Core (this post) Part 3: Protecting your API endpoints with dynamic policies in ASP.NET Core Part 4: Adding integration tests for permission-protected API endpoints in ASP.NET Core In the previous post, we set the foundation by creating a ClaimsIdentity containing all the logged-in user permissions with the help of a custom middleware....

No trespassing sign

Using a middleware to build a permission-based identity in ASP.NET Core

This post is the first in a series about Authorization in ASP.NET Core. I’ll guide you through a series of approaches you can use to implement authorization in your ASP.NET Core APIs, focusing on advanced/real-world scenarios. Here’s a sneak peek for what I plan to show you: Where to store and resolve authorization-like data How to protect your API endpoints using permission-based authorization using the built-in types in the framework Reduce duplication and make things smarter by implementing a custom Authentication Handler....

Ghost > Hugo

Migrating my blog from Ghost to Hugo

In this post I’ll talk about my recent experience of migrating this very single blog from Ghost to Hugo. More specifically, I want to talk about: Why I decided to migrate; What were the pain points; What were the good points and something about hosting. So let’s start! Why touch something that works? Isn’t this the mantra for us, software ppl? Jokes aside, when I first started my blog over in 2018 (2 years already, whoa!...