Embed Size (px)
Citation preview
How Evoq Helps You Build Modern Web Applications
Will Morgenweck
VP, Product Management
@DNNCorp | @wmorgenweck
The Developer Experience
Evoq Uses Modern Techniques
• HTML, Javascript & CSS
• jQuery
• Knockout.js
• WEB API
NO WEB FORMS
Highlights for Developers
• Build Modules with ASP.NET MVC 5
• Improved support for building SPA-like modules
• Visual Studio Templates
• Web API 2.0
• JSON Web Token (JWT)
• Controls for excluding individual CSS and JS files
• Image Handler for server-side image resizing
• Separation of Admin modules to provider greater control.
• Removed legacy modules to improve performance and reduce resource footprint.
• Updated minimum system requirements.
Introducing JSON Web Token
JSON Web Token (JWT) is an open standard (RFC 7519) that
defines a compact and self-contained way for securely transmitting
information between parties as a JSON object.
•Compact: Because of its size, it can be sent through an URL, POST
parameter, or inside an HTTP header. Additionally, due to its size its
transmission is fast.
•Self-contained: The payload contains all the required information about the
user, to avoid querying the database more than once.
Source: https://jwt.io/introduction/
Getting Started with JWT & DNN
Install the DNN JWT Authentication Provider
1. Navigate to Host > Extensions
2. Select Available Extensions
3. Expand the Providers section
4. Click the install button for the DNN JWT Auth Handler
1
Getting Started with JWT & DNN
Update JWT entry in the web.config
1. Open your web.config file
2. Search for JWTAuth
3. Change the value for defaultInclude and enabled to true.
4. For demo purposes only, change forceSSL to false.
2
Getting Started with JWT & DNN
Enable Cross-origin resource sharing
1. Open your web.config file
2. Search for customHeaders
3. Add the entries highlighted below...
<httpProtocol>
<customHeaders>
<remove name="X-Powered-By" />
<add name="Access-Control-Allow-Origin" value="*" />
<add name="Access-Control-Allow-Headers" value="accept, accept-language, content-type,
accept, authorization, moduleid, tabid, x-dnn-moniker" />
<add name="Access-Control-Allow-Methods" value="GET, POST, PUT, HEAD, OPTIONS" />
</customHeaders>
</httpProtocol>
</system.webServer>
3
Getting Started with JWT & DNN
Enable Additional Logging
1. Open your DotNetNuke.log4net.config file
2. Add the entries highlighted below
…
</root>
<!-- this enables troubleshooting provider registration -->
<logger name="DotNetNuke.Web.Api.Auth">
<level value="TRACE" />
</logger>
<!-- this enables troubleshooting failing WEB API calls -->
<logger name="DotNetNuke.Dnn.AuthServices.Jwt">
<level value="TRACE" />
</logger>
</log4net>
4
Quick Summary – JWT & DNN
• Installed JWT Authentication Provider
•Enabled JWT Authentication across all WEB API requests
•Enabled cross-origin resource sharing (CORS) to allow requests from remote Javascript clients.
•Updated Log4Net settings for advanced debugging purposes
Questions & Resources
DNN / Proprietary and Confidential. All Rights Reserved.13
Try Evoq!
http://dnn.ly/TryEvoq
Visual Studio Templates
http://dnn.ly/DNN8-Templates
Wiki
http://dnn.ly/DNN-Wiki
Getting Started with DNN and MVC
http://dnn.ly/DNN-MVC-Module
Overview of DNN and SPA
http://dnn.ly/DNN-SPA-Module
MVC and SPA Sample Modules
http://dnn.ly/DNN-Samples
JWT Introduction
http://dnn.ly/JWT-Intro
