Secure Web Application Development Using ASP.NET Core with JWT Authentication

The rapid adoption of web applications and REST-based services has increased exposure to security threats, including SQL injection, cross-site scripting (XSS), cross-site request forgery (CSRF), authentication weaknesses, and improper access control mechanisms. This study examines secure web application development using ASP.NET Core together with JSON Web Token (JWT) authentication techniques. ASP.NET Core is one of the leading modern frameworks for developing efficient and secure applications, offering numerous features, including middleware request processing, model validation, dependency injection, and secure database connection via Entity Framework Core. Adding JWT authentication makes ASP.NET Core even more capable of developing safe web apps, thanks to its ability to provide stateless authentication, claims and roles-based identities and authorizations, as well as expiring tokens. Important concepts in the field of secure web development discussed here include safe coding, management of secret keys, encryption of data over HTTPS, refresh token techniques, and OWASP guidelines.