feat: real authentication for Identity (ASP.NET Core Identity + self-validated JWT) — slices 5.8–5.11#130
Merged
Conversation
erikshafer
commented
Jul 8, 2026
Owner
…elf-validated JWT) — slices 5.8–5.11 Closes the round-one auth stub (ADR 023). Identity becomes the system's sole auth issuer: ASP.NET Core Identity for the user store + password handling on the existing EF-Core/identity schema, minting an RS256 JWT (sub = customer id) signed with an asymmetric private key it alone holds. Orders becomes a resource server, validating the token fully offline against a config-distributed public key (zero HTTP into Identity) and sourcing the customer id from sub. The X-Customer-Id header is retired as the trust boundary — the sub claim replaces it — and survives only as a dev-only fallback under a layered cutover, so the seeder, existing tests, and demo-traffic stay green. The frontend cuts fully to Authorization: Bearer with login/register/logout UI, session-token persistence, and browse-anon / checkout-gated routing. Slices 5.8 (register with credentials), 5.9 (log in — issue a JWT), 5.10 (verify a token at a resource server), 5.11 (log out — client-side discard). Still non-event-sourced (relational user store extending the boring-CRUD foil; zero stream events, no saga). AuthZ/roles, refresh tokens, and server-side revocation deferred. Entity shape: two id-linked tables, one CustomerDbContext deriving IdentityUserContext<IdentityUser> (renamed from IdentityDbContext, resolving the name collision). Dev keypair shared via ServiceDefaults.DevJwtDefaults (prod overrides Jwt:PrivateKey/Jwt:PublicKey). Consolidated PR: OpenSpec change (proposal + customer-registry spec delta, 4 ADDED requirements + design + tasks, validate --strict green), Narrative 010, prompt 037, code, tests, retro. 172 backend + 112 frontend tests green; live-verified end-to-end against the real Aspire stack (register → login → authenticated request → 401 on bad token → 400 on no identity). Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
…rmat CI) The two new auth usings (Microsoft.AspNetCore.Authentication.JwtBearer, Microsoft.IdentityModel.Tokens) were inserted before JasperFx.Events.Projections / Marten instead of in alphabetical position. `dotnet format --verify-no-changes` now passes clean across the whole solution. Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.