.NET

Authentication & Authorization

JWT tokens, cookie authentication, Identity, authorization policies, claims, role-based access

18 interview questions ·
Mid-Level
1

What is a JWT (JSON Web Token)?

Answer

JWT is a self-contained token that encodes authentication information as digitally signed JSON. It consists of three parts separated by dots: header (algorithm), payload (data/claims), and signature (verification). Unlike server sessions, JWT is stateless and enables distributed authentication without server-side storage.

2

What is the fundamental difference between authentication and authorization?

Answer

Authentication verifies user identity (who the user is), while authorization determines permissions (what the user can do). Authentication is always the first step, followed by authorization. For example, logging in with a password is authentication; checking whether the user can access an admin resource is authorization.

3

How does cookie authentication work in ASP.NET Core?

Answer

The server generates an encrypted cookie after credential validation, and the browser stores it automatically. This cookie contains user claims and is automatically sent with each request. The server decrypts the cookie to identify the user without a database query. It is suitable for traditional web applications with server-side navigation.

4

What is the typical JWT authentication workflow in an API?

5

What is a claim in the authentication context?

+15 interview questions
