Don't worry. Not everyone knows it...

In this article, I’m going to write bit about security aspects in ASP.Net Core 2.0. Whenever you create a new ASP.NET Core application, you must notice that there is an option on dialog with a button captioned as Change Authentication and once you click on that, you will land upon a dialog having below 4 options as shown below:    I’ll discuss about each of these options in detail but as of now, to get started, let’s take a high-level idea about these No Authentication – which means application is completely anonymous and open for everyone to access it. Individual User Accounts – it uses local database for storing the information related to user. Work or School Accounts – it means application will work with Office365, Active Directory, support for cloud, etc.. Windows Authentication – For internet application and uses IIS capabilities to know who has logged in. Here I’ll be choosing my option as ‘ Individual User Accounts ’ which is very easy, simplest as well

This time rather than jumping directly into the topic, let's have a look at the Login form code which you must have definitely seen while working on MVC application. What do you think about the above code snippet? Indeed, it works alright, but there are few problems with this. But the major problem is its a bit messy and difficult to read due to excessive use of @. So, now we have understood the problem, what is the solution? Here comes the Tag Helpers for our rescue. Let's quickly have a look at the code generated by the ASP.NET Core framework for the same functionality: The above code looks much cleaner. Isn’t it? If it looks interesting to you, we should learn more about it. What are Tag Helpers Tag Helpers are classes written in C# but are attached to HTML elements in order to run server-side code from Razor view. In other words, view created in HTML has its presentation logic defined in C#, which is ultimately executed on the w