Written with Claude
IMPORTANT

As you may notice, this page and pretty much the entire website were obviously created with the help of AI. I wonder how you could tell? Was it a big "Written With Claude" badge on every page? I moved it to the top now (with the help of AI of course) to make it even more obvious. There are a few blogposts that were written by me manually, the old-fashioned way, I hope there will be more in the future, and those have a similar "Human Written" badge. This project (not the website), on the other hand, is a very, very different story. It took me more than two years of painstaking and unpaid work in my own free time. A story that, hopefully, I will tell someday. But meanwhile, what would you like me to do? To create a complex documentation website with a bunch of highly technical articles with the help of AI and fake it, to give you an illusion that I also did that manually? Like half of the internet is doing at this point? How does that make any sense? Is that even fair to you? Or maybe to create this website manually, the old-fashioned way, just for you? While working a paid job for a salary, most of you wouldn't even get up in the morning. Would you like me to sing you a song while we're at it? For your personal entertainment? Seriously, get a grip. Do you find this information less valuable because of the way this website was created? I give my best to fix it to keep the information as accurate as possible, and I think it is very accurate at this point. If you find some mistakes, inaccuracies or problems, there is a comment section at the bottom of every page, which I also made with the help of the AI. And I would very much appreciate it if you leave your feedback there. Look, I'm just a guy who likes SQL, that's all. If you don't approve of how this website was constructed and the use of AI tools, I suggest closing this page and never ever coming back. And good riddance. And I would ban your access if I could know how. Thank you for your attention to this matter.

Changelog v3.2.1 (2025-12-23)

Version 3.2.1 (2025-12-23)

Full Changelog

JWT (JSON Web Token) Authentication Support

Added standard JWT Bearer authentication as a third authentication scheme alongside Cookie and Microsoft Bearer Token authentication. All three schemes can be used together.

Configuration:

{
  "Auth": {
    "JwtAuth": true,
    "JwtSecret": "your-secret-key-at-least-32-characters-long",
    "JwtIssuer": "your-app",
    "JwtAudience": "your-api",
    "JwtExpireMinutes": 60,
    "JwtRefreshExpireDays": 7,
    "JwtValidateIssuer": true,
    "JwtValidateAudience": true,
    "JwtValidateLifetime": true,
    "JwtValidateIssuerSigningKey": true,
    "JwtClockSkew": "5 minutes",
    "JwtRefreshPath": "/api/jwt/refresh"
  }
}

Login Response:

When JWT authentication is enabled and a login endpoint returns successfully, the response includes:

{
  "accessToken": "eyJhbG...",
  "refreshToken": "eyJhbG...",
  "tokenType": "Bearer",
  "expiresIn": 3600,
  "refreshExpiresIn": 604800
}

Token Refresh:

POST to the configured refresh path (default: /api/jwt/refresh) with:

{ "refreshToken": "eyJhbG..." }

Returns a new access token and refresh token pair.

Key Differences from Microsoft Bearer Token:

| Feature | Microsoft Bearer Token | JWT |
|---|---|---|
| Token Format | Proprietary, encrypted | Industry-standard (RFC 7519) |
| Interoperability | ASP.NET Core only | Any system supporting JWT |
| Token Inspection | Opaque | Can be decoded at jwt.io |
| Use Case | Single ASP.NET app | Cross-service, microservices |
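
The interoperability row above means a non-.NET service can validate these tokens itself. The following is an added example (not NpgsqlRest code) of HS256 validation in Python with the issuer, audience, lifetime and clock-skew checks the options describe. It assumes the key is the UTF-8 bytes of JwtSecret and that tokens carry the standard iss, aud and exp claims; sign_hs256 and verify_hs256 are hypothetical names and the token is constructed locally.

```python
import base64, hashlib, hmac, json, time

def b64d(part):
    return base64.urlsafe_b64decode(part + "=" * (-len(part) % 4))

def b64e(raw):
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()

def mac(secret, signed_part):
    # Assumption: the HMAC key is the UTF-8 encoding of JwtSecret.
    return hmac.new(secret.encode(), signed_part.encode(), hashlib.sha256).digest()

def sign_hs256(claims, secret):
    """Build a constructed token for the demo (stands in for a login response)."""
    part = b64e(json.dumps({"alg": "HS256", "typ": "JWT"}).encode()) + "." + b64e(json.dumps(claims).encode())
    return part + "." + b64e(mac(secret, part))

def verify_hs256(token, secret, issuer=None, audience=None, skew=300, now=None):
    """Return the claims or raise ValueError. issuer/audience left as None skips
    that check, like JwtValidateIssuer/JwtValidateAudience = false."""
    try:
        head, body, sig = token.split(".")
        header, claims, given = json.loads(b64d(head)), json.loads(b64d(body)), b64d(sig)
    except Exception as exc:
        raise ValueError("malformed token") from exc
    if not isinstance(header, dict) or not isinstance(claims, dict):
        raise ValueError("malformed token")
    if header.get("alg") != "HS256":  # pin the algorithm, ignore what the token asks for
        raise ValueError("unexpected alg")
    if not hmac.compare_digest(mac(secret, head + "." + body), given):
        raise ValueError("bad signature")
    now = time.time() if now is None else now
    exp = claims.get("exp")
    if not isinstance(exp, (int, float)) or now > exp + skew:  # skew = JwtClockSkew in seconds
        raise ValueError("expired")
    if issuer is not None and claims.get("iss") != issuer:
        raise ValueError("wrong issuer")
    if audience is not None:
        aud = claims.get("aud")
        if audience not in (aud if isinstance(aud, list) else [aud]):
            raise ValueError("wrong audience")
    return claims

if __name__ == "__main__":
    secret = "constructed-demo-secret-0123456789abcdef"  # constructed, not a real key
    tok = sign_hs256({"iss": "your-app", "aud": "other-api", "exp": time.time() + 60}, secret)
    print(verify_hs256(tok, secret)["aud"])               # accepted: audience not checked
    try: verify_hs256(tok, secret, "your-app", "your-api")
    except ValueError as err: print("rejected:", err)
```

With a shared HS256 secret, a token minted for one audience verifies everywhere unless each consumer passes its own expected audience.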

New Configuration Options:

  • JwtAuth - Enable JWT authentication (default: false)
  • JwtAuthScheme - Custom scheme name (default: "Bearer")
  • JwtSecret - Signing key (minimum 32 characters for HS256)
  • JwtIssuer - Token issuer claim
  • JwtAudience - Token audience claim
  • JwtExpireMinutes - Access token expiration (default: 60)
  • JwtRefreshExpireDays - Refresh token expiration (default: 7)
  • JwtValidateIssuer - Validate issuer claim (default: false)
  • JwtValidateAudience - Validate audience claim (default: false)
  • JwtValidateLifetime - Validate token expiration (default: true)
  • JwtValidateIssuerSigningKey - Validate signing key (default: true)
  • JwtClockSkew - Clock tolerance for expiration (default: 5 minutes)
  • JwtRefreshPath - Refresh endpoint path (default: "/api/jwt/refresh")
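
A pre-deployment check for the options listed above, as an added example that is not part of NpgsqlRest. It applies the documented defaults and reports settings that weaken validation; audit_jwt_config and the finding labels are hypothetical names, and both sample inputs are constructed.

```python
import json

# Defaults as documented in the option list above.
DEFAULTS = {
    "JwtAuth": False,
    "JwtValidateIssuer": False,
    "JwtValidateAudience": False,
    "JwtValidateLifetime": True,
    "JwtValidateIssuerSigningKey": True,
}
# Sample value from the configuration example on this page; it must never ship.
PLACEHOLDER = "your-secret-key-at-least-32-characters-long"

def audit_jwt_config(text):
    """Return a list of finding labels for the "Auth" section of a config file."""
    auth = {**DEFAULTS, **json.loads(text).get("Auth", {})}
    if not auth["JwtAuth"]:
        return []                      # JWT scheme disabled, nothing to check
    findings = []
    secret = auth.get("JwtSecret") or ""
    if secret == PLACEHOLDER:
        findings.append("placeholder-secret")
    if len(secret) < 32:               # documented minimum for HS256
        findings.append("short-secret")
    for flag, value in (("JwtValidateIssuer", "JwtIssuer"),
                        ("JwtValidateAudience", "JwtAudience")):
        if not auth[flag]:
            findings.append(flag + "-off")       # off by default unless set
        elif not auth.get(value):
            findings.append(flag + "-without-" + value)
    for flag in ("JwtValidateLifetime", "JwtValidateIssuerSigningKey"):
        if not auth[flag]:
            findings.append(flag + "-off")
    return findings

if __name__ == "__main__":
    # Constructed minimal config: JWT enabled, everything else left at defaults.
    minimal = '{"Auth": {"JwtAuth": true, "JwtSecret": "short"}}'
    for finding in audit_jwt_config(minimal):
        print(finding)
```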

Custom Login Handler:

Added CustomLoginHandler callback to NpgsqlRestAuthenticationOptions allowing custom token generation during login. This enables JWT tokens to be generated and returned instead of using the default SignIn behavior.

Path Parameters Support for HttpFiles and OpenApi Plugins

Added path parameters support to the HttpFiles and OpenApi plugins, matching the functionality added to the core library and TsClient in version 3.1.3.

HttpFiles Plugin:

Path parameters are now properly handled in generated HTTP files:

  • Path parameters are excluded from query strings (they're already in the URL path)
  • Path parameters are excluded from JSON request bodies

Before (broken):

GET {host}/api/products/{p_id}?pId=1

After (fixed):

GET {host}/api/products/{p_id}

OpenApi Plugin:

Path parameters are now properly documented in the OpenAPI specification:

  • Path parameters are added with "in": "path" and "required": true
  • Path parameters are excluded from query parameters
  • Path parameters are excluded from request body schemas

Example generated OpenAPI for /api/products/{p_id}:

{
  "parameters": [
    {
      "name": "pId",
      "in": "path",
      "required": true,
      "schema": { "type": "integer", "format": "int32" }
    }
  ]
}
