The native web app we developed in the previous chapters was working fine, yet it lacked some important and rather advanced features that had to be implemented as well in order to use it in a production-ready application such as the one we're aiming to build. In this chapter, we took care of some of them, such as token expiration, new user registration, and third-party authentication.
Fulfilling the first task took a reasonable amount of time, as we had to perform some relevant changes within every part of our app: the server-side and the client-side, not to mention the data model. We had to create a whole new table, expand our current Web API classes--the TokenController and TokenResponseViewModel--and add another Angular HttpInterceptor class--similar to the one we already used in Chapter 8 to interact with our HTTP requests--to deal with the HTTP responses and react accordingly.
Adding the new user registration feature was a rather straightforward process, even though it also required several server-side and client-side tasks; more specifically, we had to develop a new UserController web API containing the required logic to add new users to the ASP.NET Core Identity service, and then consume it with a brand new User Registration view with a new set of validators--including a custom one to deal with password checks. While we were there, we also made some cosmetic changes to the navigation menu items to grant our visitors a better user experience.
Eventually, we tried to use the built-in capabilities of the ASP.NET Core Identity service to implement some external, OAuth2-based authentication mechanism using a widely-known third-party provider such as Facebook. We started with carefully evaluating the pros and cons of the two main authentication flows supported by the OAuth2 protocol and then further leveraged through the OpenID Connect interface: the implicit flow and the explicit flow. Right after that, we performed the required steps to implement them both in order to give the reader the best possible learning experience.