# Auth Service API

Centralized Authentication & Authorization API built with ASP.NET Core.

## Features

- JWT Authentication

- Refresh Token with Rotation

- Secure Password Hashing (PBKDF2)

- Role-based Authorization

- Login / Logout / Refresh

- Rate Limiting & Brute-force Protection

- Global Error Handling

- Swagger Documentation

## Architecture

- API Layer

- Application (Business Logic)

- Domain (Entities)

- Infrastructure (Planned)

- Shared (DTOs & Responses)

## Authentication Flow

1. Login with email & password

2. Receive Access Token + Refresh Token

3. Use Access Token for protected endpoints

4. Refresh Access Token using Refresh Token

5. Logout revokes refresh tokens

## Security

- PBKDF2 password hashing

- JWT with claims & roles

- Refresh token rotation

- Rate limiting on sensitive endpoints

- Account lockout after failed attempts

## Technologies

- ASP.NET Core Web API

- JWT Bearer Authentication

- Swagger

- SQL Server (Schema designed)

- Clean Architecture

## Status

v1.0.0 – Core authentication system completed.

Infrastructure layer will be implemented in a future update.

Name		Name	Last commit message	Last commit date
Latest commit History 25 Commits
.config		.config
AuthService.API		AuthService.API
AuthService.Application		AuthService.Application
AuthService.Domain		AuthService.Domain
AuthService.Infrastructure		AuthService.Infrastructure
AuthService.Shared		AuthService.Shared
.gitignore		.gitignore
AuthService.sln		AuthService.sln
Dockerfile		Dockerfile
README.md		README.md

Folders and files

Latest commit

History

Repository files navigation

# Auth Service API

Centralized Authentication & Authorization API built with ASP.NET Core.

## Features

- JWT Authentication

- Refresh Token with Rotation

- Secure Password Hashing (PBKDF2)

- Role-based Authorization

- Login / Logout / Refresh

- Rate Limiting & Brute-force Protection

- Global Error Handling

- Swagger Documentation

## Architecture

- API Layer

- Application (Business Logic)

- Domain (Entities)

- Infrastructure (Planned)

- Shared (DTOs & Responses)

## Authentication Flow

1. Login with email & password

2. Receive Access Token + Refresh Token

3. Use Access Token for protected endpoints

4. Refresh Access Token using Refresh Token

5. Logout revokes refresh tokens

## Security

- PBKDF2 password hashing

- JWT with claims & roles

- Refresh token rotation

- Rate limiting on sensitive endpoints

- Account lockout after failed attempts

## Technologies

- ASP.NET Core Web API

- JWT Bearer Authentication

- Swagger

- SQL Server (Schema designed)

- Clean Architecture

## Status

v1.0.0 – Core authentication system completed.

Infrastructure layer will be implemented in a future update.

About

Resources

Uh oh!

Stars

Watchers

Forks

Releases 3

Packages 0

Uh oh!

Contributors

Uh oh!

Languages

Packages