In the previous blog posts in this series, we built our own Backend-for-Frontend (BFF) implementation in ASP.NET Core from scratch. Now, you might be wondering about how much effort it would take to replace our custom solution with the Duende BFF Security Framework? In this post, we’ll walk through that migration process and see just […]
BFF in ASP.NET Core #7 – Introducing the Duende BFF Library Read More »
In this post, we take the next step in securing our Backend-for-Frontend (BFF) by adding robust Cross-Origin Resource Sharing (CORS) protection. CORS is essential for defending against a range of cross-origin attacks, and implementing it correctly is crucial for any application that handles sensitive data. We’ll explore the types of attacks that CORS helps prevent,
BFF in ASP.NET Core #6 – Securing our BFF with CORS Read More »
Nobody wants to sign in every hour. Yet that’s exactly what happens when access tokens expire in applications without proper token management. The good news? We can fix this by implementing automatic token renewal in our BFF! This is a big topic, so I’ve split it into multiple parts. You can jump to the section
BFF in ASP.NET Core #5 – Automatic Token Renewal Read More »
In this blog post, we’ll implement a minimal yet complete Backend-for-Frontend (BFF) in ASP.NET Core. By starting with a simple foundation and adding features incrementally, you’ll learn not just how to build a BFF, but why each component matters for securing modern web applications. This is a big topic, so I’ve split it into multiple
BFF in ASP.NET Core #4 – Implementing a BFF from scratch Read More »
The BFF pattern eliminates many SPA security risks, but it introduces a new critical component: the session cookie. This cookie becomes the key to your user’s authentication. If it’s not properly secured, you’ve simply moved the vulnerability from JavaScript tokens to HTTP cookies. This post shows you how to properly secure the session cookie using
BFF in ASP.NET Core #3 – The BFF Pattern Explained Read More »
How do you secure a Single-Page Application without storing tokens in the browser? The answer lies in the Backend-for-Frontend (BFF) pattern. This architectural approach shifts authentication complexity to the backend, keeping your frontend simple and secure. Let’s explore how it works and why it’s become the gold standard for SPA security. This is a big
BFF in ASP.NET Core #2 – The BFF Pattern Explained Read More »
This multi-part blog series will show you how to implement secure authentication for Single-Page Applications using the Backend-for-Frontend (BFF) pattern with ASP.NET Core. We’ll explore why handling OpenID Connect directly in SPAs creates security risks, then build a complete BFF implementation that eliminates browser token storage and follows OAuth 2.0 best practices. In short, it
Implementing BFF Pattern in ASP.NET Core for SPAs Read More »
In this blog post, you will learn how to deploy a test instance of KurrentDB to Azure and access it from a console application in .NET. Why did I write this blog post? While updating my DDD, CQRS, and Event Sourcing in .NET training course to the latest version of .NET and C#, I also
How to Use KurrentDB for Event Sourcing in C# on Azure Read More »
In my previous blog post, I explained what the Forwarded Headers Middleware does and why it matters. In this post, I will show you how to add it to your application, configure it, and point out a few common issues that can arise in configuring the forwarded headers middleware. In this blog post: Testing the
Configuring ASP.NET Core Forwarded Headers Middleware Read More »
Proxies are vital for load balancing and security, but they obscure the actual client IP, scheme, and domain, causing broken links, inaccurate logging, and other headaches. In this post, we’ll look at how ASP.NET Core’s Forwarded Headers Middleware restores these details so your services behave as though they’re directly on the public internet. What is
Exploring the Forwarded Headers Middleware in ASP.NET Core Read More »