CodeWorks.Auth
0.0.1
There is a newer version of this package available.
See the version list below for details.
See the version list below for details.
dotnet add package CodeWorks.Auth --version 0.0.1
NuGet\Install-Package CodeWorks.Auth -Version 0.0.1
This command is intended to be used within the Package Manager Console in Visual Studio, as it uses the NuGet module's version of Install-Package.
<PackageReference Include="CodeWorks.Auth" Version="0.0.1" />
For projects that support PackageReference, copy this XML node into the project file to reference the package.
<PackageVersion Include="CodeWorks.Auth" Version="0.0.1" />
<PackageReference Include="CodeWorks.Auth" />
For projects that support Central Package Management (CPM), copy this XML node into the solution Directory.Packages.props file to version the package.
paket add CodeWorks.Auth --version 0.0.1
The NuGet Team does not provide support for this client. Please contact its maintainers for support.
#r "nuget: CodeWorks.Auth, 0.0.1"
#r directive can be used in F# Interactive and Polyglot Notebooks. Copy this into the interactive tool or source code of the script to reference the package.
#:package CodeWorks.Auth@0.0.1
#:package directive can be used in C# file-based apps starting in .NET 10 preview 4. Copy this into a .cs file before any lines of code to reference the package.
#addin nuget:?package=CodeWorks.Auth&version=0.0.1
#tool nuget:?package=CodeWorks.Auth&version=0.0.1
The NuGet Team does not provide support for this client. Please contact its maintainers for support.
AuthModule
A highly flexible, pluggable authentication module for .NET APIs that supports:
- JWT bearer token authentication
- Email/password login with secure hashing
- Role and permission-based authorization via
[Authorize]and[HasPermission] - Email verification workflows
- Magic link login support
- Abstracted storage and email services for full control
Features
- ✅ Storage-agnostic: Bring your own
User,UserStore,TokenStore, andEmailSender - ✅ Secure by default: Uses ASP.NET Core Identity's password hasher and JWT best practices
- ✅ Policy-based authorization: Out of the box support for roles and custom permissions
- ✅ Plug-and-play email auth: Verification and magic link flows supported
- ✅ Ready for NuGet packaging
Installation
Add the package (once published):
Install-Package CodeWorks.Auth
Getting Started
1. Define Your User
public class AppUser : IUser
{
public string Id { get; set; }
public string Email { get; set; }
public string PasswordHash { get; set; }
public bool IsEmailVerified { get; set; }
public IEnumerable<string> Roles { get; set; }
public IEnumerable<string> Permissions { get; set; }
}
2. Implement Required Interfaces
IUserStore<TUser>
Manages user persistence (load/save/verify).
IUserTokenStore
Manages tokens used for email verification or magic login.
IUserEmailSender
Sends emails to users with custom logic (SMTP, SendGrid, etc.).
3. Register the Module
services.AddAuthModule<AppUser, AppUserStore>(options =>
{
options.SigningKey = Configuration["Jwt:Key"];
options.Issuer = "your-api";
options.Audience = "your-users";
options.Expiration = TimeSpan.FromHours(1);
},
new[] { "CanViewReports", "CanDeleteUsers" });
Usage
Login and Registration
Use IAuthService<TUser>:
await authService.RegisterAsync(user, password);
await authService.LoginAsync(email, password);
Email Verification & Magic Links
Use EmailAuthService<TUser>:
await emailAuth.RequestVerificationEmailAsync(user, "https://your.site/verify");
await emailAuth.ConfirmEmailAsync(token);
await emailAuth.RequestMagicLinkAsync(email, "https://your.site/login");
await emailAuth.RedeemMagicLinkAsync(token);
Authorization
Roles
[Authorize(Roles = "Admin")]
Permissions
[HasPermission("CanDeleteUsers")]
Email Setup
Development
For local development, use a simple log-based sender:
public class DevEmailSender : IUserEmailSender
{
private readonly ILogger<DevEmailSender> _logger;
public DevEmailSender(ILogger<DevEmailSender> logger)
{
_logger = logger;
}
public Task SendVerificationEmailAsync(IUser user, string tokenUrl)
{
_logger.LogInformation($"[DEV] Verification link for {user.Email}: {tokenUrl}");
return Task.CompletedTask;
}
public Task SendMagicLinkAsync(IUser user, string tokenUrl)
{
_logger.LogInformation($"[DEV] Magic login link for {user.Email}: {tokenUrl}");
return Task.CompletedTask;
}
}
Register it conditionally:
if (env.IsDevelopment())
{
services.AddScoped<IUserEmailSender, DevEmailSender>();
}
Production
Use a real SMTP service like MailKit to send actual emails. Here’s a starting point:
- MailKit NuGet: https://www.nuget.org/packages/MailKit
- Example usage guide: https://github.com/jstedfast/MailKit/blob/master/FAQ.md#sending-messages
- SMTP via Cloudflare guide: Use Your Domain's Email via SMTP
You can also configure third-party providers such as:
Extensibility
IUser- your user modelIUserStore<TUser>- storage logicIUserTokenStore- token persistenceIUserEmailSender- email transport
Roadmap
- Multi-factor authentication
- TOTP support
License
MIT or commercial dual-license (TBD).
| Product | Versions Compatible and additional computed target framework versions. |
|---|---|
| .NET | net9.0 is compatible. net9.0-android was computed. net9.0-browser was computed. net9.0-ios was computed. net9.0-maccatalyst was computed. net9.0-macos was computed. net9.0-tvos was computed. net9.0-windows was computed. net10.0 was computed. net10.0-android was computed. net10.0-browser was computed. net10.0-ios was computed. net10.0-maccatalyst was computed. net10.0-macos was computed. net10.0-tvos was computed. net10.0-windows was computed. |
Compatible target framework(s)
Included target framework(s) (in package)
Learn more about Target Frameworks and .NET Standard.
-
net9.0
- Microsoft.AspNetCore.Authentication.JwtBearer (>= 9.0.3)
- Microsoft.AspNetCore.Identity (>= 2.3.1)
NuGet packages
This package is not used by any NuGet packages.
GitHub repositories
This package is not used by any popular GitHub repositories.