I just published my last article for 2020 (what a year!). It is about a feature I will probably have to implement early next year on one of the project I am working on.

It is a good practice to ensure that a user gets authenticated before accessing critical feature of your applications.

I have always maintained a table with users and their passwords in a database but with users getting too many passwords to remember, you can now allow them to use the very same password they use to login their corporate computer if you are using an Active Directory account.

It is amazingly easy for a .Net application running on a computer that can access the AD (useless on a laptop not connected to anything!) to validate the credentials of a user.

You can also check the groups to which this user belongs if you want to build your security based on these groups (which I am not a big fan because it is not very flexible).

You can read the full article from https://www.emoreau.com/Entries/Articles/2020/12/Authenticate-and-Authorize-users-against-the-AD-from-a-Net-application.aspx.