In this repository, Felipe will exploring some ways to implement Authentication and Authorization mechanism in ASP.NET Core to build an ASP.NET Web Application or ASP.NET API Application. I will also be using this repository for my own reference in future projects I will be working. You can use this code anyway you want, just leave a reference where you get it :) like I am doing here.

Authentication is a process of verifying and identifying users to allow them access to protected resources. Once a user is authenticated, an extra step is the Authorization which determines whether the user is permitted or denied access to specific resources. Some application can also contains resources or data that does not requires authentication and we call this as public access or in some technical .NET terms, Anonymous access.

In essence, Authentication establishes the user's identity, while Authorization check their access to the features or data within an application.

Every project in the Solutions explores an authentication mechanism and to make sure we understand everything. It is important to mention I started it from the scratch without frameworks and then evolve towards more sophisticated solutions.

This example illustrates how we could implement an Authentication mechanism based on the existing implementation available in the ASP.NET Core, but accessing http feature via HtppContext, without any framework. This implementation uses cookies to create the state of the authentication within the browser.

Warning: It is not recommend to be used as production code. Please consider ASP.NET Core features to implement it.