| name | net-jwt-auth |
| description | Implement JWT authentication and authorization for ASP.NET Core |
| license | MIT |
| compatibility | opencode |
| metadata | {"audience":".net-developers","framework":"aspnetcore","security":"jwt"} |
I implement complete JWT authentication:
Use this skill when:
src/{ProjectName}.Infrastructure/Security/
├── Jwt/
│ ├── IJwtTokenGenerator.cs
│ ├── JwtTokenGenerator.cs
│ ├── IJwtTokenValidator.cs
│ └── JwtTokenValidator.cs
├── Password/
│ ├── IPasswordHasher.cs
│ └── PasswordHasher.cs
├── Claims/
│ └── ClaimConstants.cs
└── Extensions/
└── AuthenticationExtensions.cs
src/{ProjectName}.Application/Authentication/
├── Commands/
│ ├── RegisterCommand.cs
│ ├── RegisterCommandHandler.cs
│ ├── LoginCommand.cs
│ └── LoginCommandHandler.cs
├── DTOs/
│ ├── RegisterRequest.cs
│ ├── LoginRequest.cs
│ └── AuthResponse.cs
└── Services/
└── IAuthService.cs
public class JwtTokenGenerator : IJwtTokenGenerator
{
private readonly IOptions<JwtSettings> _jwtSettings;
public JwtTokenGenerator(IOptions<JwtSettings> jwtSettings)
{
_jwtSettings = jwtSettings;
}
public string GenerateToken(User user, IList<string> roles)
{
var key = new SymmetricSecurityKey(
Encoding.UTF8.GetBytes(_jwtSettings.Value.Secret));
var credentials = new SigningCredentials(
key, SecurityAlgorithms.HmacSha256);
var claims = new List<Claim>
{
new Claim(JwtRegisteredClaimNames.Sub, user.Id.ToString()),
new Claim(JwtRegisteredClaimNames.Email, user.Email),
new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString()),
new Claim(ClaimTypes.NameIdentifier, user.Id.ToString())
};
claims.AddRange(roles.Select(role =>
new Claim(ClaimTypes.Role, role)));
var token = new JwtSecurityToken(
issuer: _jwtSettings.Value.Issuer,
audience: _jwtSettings.Value.Audience,
claims: claims,
expires: DateTime.UtcNow.Add(_jwtSettings.Value.Expiry),
signingCredentials: credentials
);
return new JwtSecurityTokenHandler().WriteToken(token);
}
}
{
"JwtSettings": {
"Secret": "your-256-bit-secret-key-here",
"Issuer": "https://yourdomain.com",
"Audience": "https://yourdomain.com",
"Expiry": "01:00:00",
"RefreshTokenExpiry": "07:00:00:00"
}
}
builder.Services.AddAuthorization(options =>
{
options.AddPolicy("AdminOnly", policy =>
policy.RequireRole("Admin"));
options.AddPolicy("CanManageProducts", policy =>
policy.RequireClaim("Permission", "ManageProducts"));
});
Implement JWT authentication with:
- User registration
- User login
- Token generation
- Refresh token support
- Role-based authorization
- Password hashing (BCrypt)
I will generate complete JWT authentication implementation.
Implement agile development practices and ceremonies for .NET projects
Automate Work Item -> Branch -> PR -> Evidence Pack for AI Coding Factory
Implement Scrum framework and team structures for .NET enterprise projects
Implement CQRS pattern with MediatR for .NET applications
Create Docker configuration for ASP.NET Core applications
Create domain models following Domain-Driven Design principles