关于[Secure an ASP.NET Core Web Api using Cookies]的摘要:
There’s this frequent notion that you need to use tokens to secure a web api and you can’t use cookies. That’s not the case. You can do authentication and authorization in a Web Api using cookies the same way you would for a normal web application, and doing so has the added advantage that cookies are easier to setup than for example JWT tokens. There are just a few things you need to be aware.
原文地址: https://www.blinkingcaret.com/2018/07/18/secure-an-asp-net-core-web-api-using-cookies