SilverLABS.SilverSHELL.Auth.Server 1.1.1
SilverLABS.SilverSHELL.Auth.Server
Enterprise-grade authentication server library for ASP.NET Core applications with JWT authentication, refresh tokens, session management, audit logging, and rate limiting.
Features
- JWT Authentication - Secure token-based authentication with configurable expiration
- Refresh Tokens - Long-lived tokens for seamless re-authentication
- Session Management - Track and manage user sessions across devices
- Audit Logging - Comprehensive audit trail of all authentication events
- Rate Limiting - Protect against brute-force attacks
- Password Reset - Secure password reset flow with tokens
- Role-Based Authorization - Built-in role and permission management
- BCrypt Password Hashing - Industry-standard password security
- SQLite Database - Lightweight, embedded database (easily swappable for SQL Server, PostgreSQL, etc.)
Installation
```bash
dotnet add package SilverLABS.SilverSHELL.Auth.Server
```
Quick Start
1. Configure Services
In your Program.cs:
```csharp
using SilverSHELL.Auth.Server.Extensions;

var builder = WebApplication.CreateBuilder(args);

// Add SilverSHELL Auth Server
builder.Services.AddSilverShellAuthServer(options =>
{
    // Placeholder value: supply the real signing key from a secret store or
    // environment variable rather than committing it to source control.
    options.SecretKey = "your-super-secret-key-at-least-32-characters-long!";
    options.Issuer = "https://your-auth-server.com";
    options.Audience = "https://your-client-app.com";
    options.AllowedOrigins = new[] { "https://localhost:7214", "https://your-app.com" };
    options.TokenExpirationMinutes = 60;
    options.RefreshTokenExpirationDays = 7;
});

// Add API Explorer for OpenAPI/Swagger
builder.Services.AddEndpointsApiExplorer();
builder.Services.AddOpenApi();

var app = builder.Build();

if (app.Environment.IsDevelopment())
{
    app.MapOpenApi();
}

app.UseHttpsRedirection();

// Use SilverSHELL Auth Server middleware
app.UseSilverShellAuthServer();

app.MapControllers();
app.Run();
```
2. Alternative: Configuration from appsettings.json
appsettings.json:
```json
{
  "ConnectionStrings": {
    "DefaultConnection": "Data Source=auth.db"
  },
  "Jwt": {
    "SecretKey": "your-super-secret-key-at-least-32-characters-long!",
    "Issuer": "https://your-auth-server.com",
    "Audience": "https://your-client-app.com",
    "TokenExpirationMinutes": 60
  },
  "Cors": {
    "AllowedOrigins": [
      "https://localhost:7214"
    ]
  }
}
```
Program.cs:
```csharp
builder.Services.AddSilverShellAuthServer(builder.Configuration);
```
API Endpoints
Authentication
- POST /api/auth/register - Register new user
- POST /api/auth/login - Login and receive JWT token
- POST /api/auth/refresh - Refresh expired token
- POST /api/auth/logout - Logout and invalidate session
User Management (Admin only)
- GET /api/auth/users - Get all users
- GET /api/auth/users/me - Get current user info
Role Management (Admin only)
- GET /api/auth/roles - Get all roles
Session Management
- GET /api/auth/sessions - Get all active sessions
- DELETE /api/auth/sessions/{id} - Revoke specific session
Configuration Options
```csharp
public class AuthServerOptions
{
    // JWT Settings (Required)
    public string SecretKey { get; set; } // Min 32 characters
    public string Issuer { get; set; } = "SilverSHELL.Auth.Server";
    public string Audience { get; set; } = "SilverSHELL.Client";
    public int TokenExpirationMinutes { get; set; } = 60;
    public int RefreshTokenExpirationDays { get; set; } = 7;

    // Database
    public string ConnectionString { get; set; } = "Data Source=auth.db";
    public bool AutoMigrateDatabase { get; set; } = true;

    // CORS
    public string[] AllowedOrigins { get; set; }

    // Rate Limiting
    public bool EnableRateLimiting { get; set; } = true;
    public int LoginRateLimitPerMinute { get; set; } = 5;
    public int RegisterRateLimitPerHour { get; set; } = 3;

    // Admin Seeding (enabled by default with the documented credentials below;
    // override the password or set SeedDefaultAdmin = false before deployment)
    public bool SeedDefaultAdmin { get; set; } = true;
    public string DefaultAdminUsername { get; set; } = "admin";
    public string DefaultAdminEmail { get; set; } = "admin@silverlabs.uk";
    public string DefaultAdminPassword { get; set; } = "Admin123!";
}
```
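The samples on this page inline the signing key, and `AuthServerOptions` seeds an admin account with a published default password. The following added example (not part of the package's own documentation) reads both secrets from configuration and refuses to start on the README values. It uses only the option names listed above; the `Auth:AdminPassword` configuration key is a hypothetical name chosen for this example.

```csharp
using System.Text;
using SilverSHELL.Auth.Server.Extensions;

var builder = WebApplication.CreateBuilder(args);

// Values printed in this README; a deployment still using them is misconfigured.
const string ReadmePlaceholderKey = "your-super-secret-key-at-least-32-characters-long!";
const string ReadmeDefaultAdminPassword = "Admin123!";

// Assumption: secrets reach IConfiguration from environment variables
// (e.g. Jwt__SecretKey), dotnet user-secrets or a vault provider, not appsettings.json.
string signingKey = builder.Configuration["Jwt:SecretKey"]
    ?? throw new InvalidOperationException("Jwt:SecretKey is not configured.");

if (signingKey == ReadmePlaceholderKey || Encoding.UTF8.GetByteCount(signingKey) < 32)
{
    throw new InvalidOperationException(
        "Jwt:SecretKey must be a unique value of at least 32 characters.");
}

// "Auth:AdminPassword" is a hypothetical configuration key chosen for this example.
string? adminPassword = builder.Configuration["Auth:AdminPassword"];
bool seedAdmin = !string.IsNullOrWhiteSpace(adminPassword)
    && adminPassword != ReadmeDefaultAdminPassword;

builder.Services.AddSilverShellAuthServer(options =>
{
    options.SecretKey = signingKey;
    options.Issuer = "https://your-auth-server.com";
    options.Audience = "https://your-client-app.com";
    options.AllowedOrigins = new[] { "https://your-app.com" };

    // Seed the admin account only when an operator supplied a non-default password.
    options.SeedDefaultAdmin = seedAdmin;
    if (seedAdmin)
    {
        options.DefaultAdminPassword = adminPassword!;
    }
});

var app = builder.Build();
app.UseHttpsRedirection();
app.UseSilverShellAuthServer();
app.MapControllers();
app.Run();
```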
Integration with SilverSHELL.Auth (Client)
Server:
```csharp
builder.Services.AddSilverShellAuthServer(options =>
{
    // Placeholder; the key must meet the 32-character minimum
    options.SecretKey = "your-super-secret-key-at-least-32-characters-long!";
    options.Issuer = "https://localhost:7065";
    options.Audience = "https://localhost:7214";
    options.AllowedOrigins = new[] { "https://localhost:7214" };
});
```
Client (Blazor WASM):
```csharp
builder.Services.AddSilverShellAuth(options =>
{
    options.ApiBaseUrl = "https://localhost:7065"; // Points to your Auth.Server
});
```
Documentation
Support
- Issues: GitLab Issues
- Email: support@silverlabs.uk
Changelog
v1.1.0
- ✨ NEW: AddSilverShellAuthServer() extension method
- ✨ NEW: UseSilverShellAuthServer() middleware extension
- ✨ NEW: AuthServerOptions configuration class
- ✨ NEW: Automatic database migration and admin seeding
- 📚 DOCS: Complete documentation
- 🔧 IMPROVED: Package consumable as library (not just standalone)
v1.0.0
- Initial release (standalone application)
License
MIT License
Made with ❤️ by SilverLABS
v1.1.1: HOTFIX - Ensured Extensions namespace is properly included in package.
v1.1.0: NEW - AddSilverShellAuthServer() and UseSilverShellAuthServer() extension methods.
.NET 9.0
- AspNetCoreRateLimit (>= 5.0.0)
- BCrypt.Net-Next (>= 4.0.3)
- Microsoft.AspNetCore.Authentication.JwtBearer (>= 9.0.9)
- Microsoft.AspNetCore.OpenApi (>= 9.0.6)
- Microsoft.EntityFrameworkCore (>= 9.0.9)
- Microsoft.EntityFrameworkCore.Sqlite (>= 9.0.9)
- System.IdentityModel.Tokens.Jwt (>= 8.14.0)