The hand-made authentication and authorization flow we put together in Chapter 7, Authentication and Authorization, is pretty much working. However, it lacks some very important features required for a production-ready environment, the most important ones being token expiration, token refresh, and sliding session support. Implementing them from scratch won't be easy and would take us far from the scope of this book. Luckily enough, there are a number of third-party packages that already went down that route with great results. Among them, the most promising one seems to be OpenIddict, an open-source project featuring an OAuth2/OpenID Connect provider based on ASP.NET Core Identity and ...