Padlock on a wooden door

Adding integration tests for permission-protected API endpoints in ASP.NET Core

This is the forth post in the Authorization in ASP.NET Core series. Part 1: Using a middleware to build a permission-based identity in ASP.NET Core Part 2: Deep dive into policy-based authorization in ASP.NET Core Part 3: Protecting your API endpoints with dynamic policies in ASP.NET Core Part 4: Adding integration tests for permission-protected API endpoints in ASP.NET Core (this post) In the previous post I demonstrated an approach to add authorization to our API endpoints....

May 12, 2021 · 9 min · Joao Grassi
Brick wall

Protecting your API endpoints with dynamic policies in ASP.NET Core

This is the third post in the Authorization in ASP.NET Core series. Part 1: Using a middleware to build a permission-based identity in ASP.NET Core Part 2: Deep dive into policy-based authorization in ASP.NET Core Part 3: Protecting your API endpoints with dynamic policies in ASP.NET Core (this post) Part 4: Adding integration tests for permission-protected API endpoints in ASP.NET Core In this post, we’ll come full circle....

March 31, 2021 · 14 min · Joao Grassi
Blue jelly fishes in deep ocean

Deep dive into policy-based authorization in ASP.NET Core

This is the second post in the Authorization in ASP.NET Core series. Part 1: Using a middleware to build a permission-based identity in ASP.NET Core Part 2: Deep dive into policy-based authorization in ASP.NET Core (this post) Part 3: Protecting your API endpoints with dynamic policies in ASP.NET Core Part 4: Adding integration tests for permission-protected API endpoints in ASP.NET Core In the previous post, we set the foundation by creating a ClaimsIdentity containing all the logged-in user permissions with the help of a custom middleware....

March 15, 2021 · 14 min · Joao Grassi
No trespassing sign

Using a middleware to build a permission-based identity in ASP.NET Core

This post is the first in a series about Authorization in ASP.NET Core. I’ll guide you through a series of approaches you can use to implement authorization in your ASP.NET Core APIs, focusing on advanced/real-world scenarios. Here’s a sneak peek for what I plan to show you: Where to store and resolve authorization-like data How to protect your API endpoints using permission-based authorization using the built-in types in the framework Reduce duplication and make things smarter by implementing a custom Authentication Handler....

March 6, 2021 · 11 min · Joao Grassi
Ghost  Hugo

Migrating my blog from Ghost to Hugo

In this post I’ll talk about my recent experience of migrating this very single blog from Ghost to Hugo. More specifically, I want to talk about: Why I decided to migrate; What were the pain points; What were the good points and something about hosting. So let’s start! Why touch something that works? Isn’t this the mantra for us, software ppl? Jokes aside, when I first started my blog over in 2018 (2 years already, whoa!...

December 31, 2020 · 13 min · Joao Grassi