Add built-in features and authentication documentation to layered web application guide

docs/en/solution-templates/layered-web-application/authentication.md

@@ -0,0 +1,56 @@
+# Layered Solution: Authentication
+
+```json
+//[doc-nav]
+{
+  "Previous": {
+    "Name": "Built-In Features",
+    "Path": "solution-templates/layered-web-application/built-in-features"
+  },
+  "Next": {
+    "Name": "Database configurations in the Layered solution",
+    "Path": "solution-templates/layered-web-application/database-configurations"
+  }
+}
+```
+
+> Some of the features mentioned in this document may not be available in the free version. We're using the **\*** symbol to indicate that a feature is available in the **[Team](https://abp.io/pricing)** and **[Higher](https://abp.io/pricing)** licenses.
+
+The [Layered solution template](index.md) is fully configured for authentication. All the services and applications are configured to use the [OpenIddict](https://documentation.openiddict.com) library for authentication. They are configured in a common way for authentication. This document explains that common authentication structure.
+
+If you choose the *Tiered* option while [creating](../../get-started/layered-web-application.md#creating-a-new-solution) the solution, the solution will have the `*.AuthServer` project.
+
+## OpenIddict
+
+[OpenIddict](https://documentation.openiddict.com) is an open-source library that provides a simple and easy way to implement an OpenID Connect server in your application. ABP has built-in modules ([OpenIddict](../../modules/openiddict.md), [OpenIddict UI **\***](../../modules/openiddict-pro.md)) to integrate OpenIddict into the solution.
+
+## Domain Layer
+
+The layered solution template *Domain* layer is the responsible for the OpenIddict definitions (Applications, Scopes, etc.). Also, it provides the *OpenIddictDataSeedContributor* class to seed the initial data. It creates the default clients (applications) and scopes for the solution.
+
+The [OpenIddict UI **\***](../../modules/openiddict-pro.md) module is added only if you choose the OpenIddict UI  module while creating the solution.
+
+![new-solution-openiddict-module](images/new-solution-openiddict-module.png)
+
+The OpenIddict UI **\*** module provides a user interface to manage the OpenIddict entities such as applications, scopes, etc. You can manage these entities from the application UI.
+
+![openiddict-ui](images/openiddict-ui.png)
+
+## The Authentication Application
+
+The solution may include an external authentication server (`auth-server`) application if you select the *Tiered* option during solution creation. Otherwise, the authentication server is integrated into one of the [Web Applications](web-applications.md).  
+
+The authentication server handles token generation, validation, and user account management (e.g., login, registration). It uses the [Account](../../modules/account.md) or [Account Pro **\***](../../modules/account-pro.md) module. The [Account Pro **\***](../../modules/account-pro.md) module additionally supports [social logins](../../modules/account-pro.md#social--external-logins) (e.g., Google, Facebook). Social logins can be enabled, disabled, and configured directly from the application's user interface.
+
+![account-external-provider](images/account-external-provider.png)
+
+## Authentication Flows
+
+Applications in the solution use different authentication flows depending on the application type:
+
+- **MVC UI Web Application**:  
+  Uses the [Hybrid Flow](https://openid.net/specs/openid-connect-core-1_0.html#HybridFlowAuth) (OpenID Connect Authentication) for user authentication.  
+- **SPA and Swagger Applications**:  
+  Use the [Authorization Code Flow](https://openid.net/specs/openid-connect-core-1_0.html#CodeFlowAuth) to authenticate users.  
+
+Once a user logs into the system and obtains a token from the authentication server, the `*.HttpApi.Host` application use [JWT Bearer Authentication](https://jwt.io/introduction/) to authorize the user's actions.

docs/en/solution-templates/layered-web-application/built-in-features.md

@@ -0,0 +1,25 @@
+# Layered Solution: Built-In Features
+
+```json
+//[doc-nav]
+{
+  "Previous": {
+    "Name": "Mobile Applications",
+    "Path": "solution-templates/layered-web-application/mobile-applications"
+  },
+  "Next": {
+    "Name": "Authentication",
+    "Path": "solution-templates/layered-web-application/authentication"
+  }
+}
+```
+
+The Layered solution template includes several built-in features to help you get started with your layered web application. These features are designed to provide a solid foundation for your application and help you focus on your business logic. This document provides an overview of the built-in features included in the Layered solution template. The following documents explains these features in details:
+
+* [Authentication](authentication.md)
+* [Database configurations](database-configurations.md)
+* [Logging (with Serilog)](logging.md)
+* [Swagger integration](swagger-integration.md)
+* [Multi-Tenancy](multi-tenancy.md)
+* [BLOB storing](blob-storing.md)
+* [CORS configuration](cors-configuration.md)

docs/en/solution-templates/layered-web-application/web-applications.md

@@ -14,6 +14,8 @@
 }
 ````
 
+> Some of the features mentioned in this document may not be available in the free version. We're using the **\*** symbol to indicate that a feature is available in the **[Team](https://abp.io/pricing)** and **[Higher](https://abp.io/pricing)** licenses.
+
 The web applications are the main user interfaces of the solution. They are the entry points for users to interact with the system. The Layered Solution Template supports the following web applications:
 
 - **MVC / Razor Pages**: This is an ASP.NET Core MVC application. It is a traditional web application that serves HTML pages to users and is suitable for building web applications with server-side rendering.  
@@ -22,7 +24,7 @@ The web applications are the main user interfaces of the solution. They are the
   - **Blazor WebAssembly**: This is a client-side SPA that runs entirely in the user's browser. It communicates with the server using HTTP requests and is suitable for modern web applications with rich interactivity and offline capabilities.  
   - **Blazor Server**: This is a server-side SPA that runs on the server and communicates with the client in real time using SignalR. It is ideal for applications requiring constant connectivity and rapid server updates.  
   - **Blazor WebApp**: This is a combination of Blazor technologies optimized for building hybrid web applications that can leverage both client-side and server-side capabilities.  
-  - **Maui Blazor (Hybrid)**: This enables building cross-platform applications that combine Blazor for the UI with .NET MAUI for native device integration. It is suitable for building apps that work across desktop and mobile platforms.  
+  - **Maui Blazor (Hybrid)** **\***: This enables building cross-platform applications that combine Blazor for the UI with .NET MAUI for native device integration. It is suitable for building apps that work across desktop and mobile platforms.  
 - **No UI**: This option creates a backend-only solution without a web interface, suitable for scenarios like API-only applications or headless services.  
 
 You can select the web application type that fits your requirements during the solution creation process in the *UI Framework* step. The Layered Solution Template generates the selected web applications with the necessary configurations and integrations.
@@ -159,7 +161,7 @@ When you select the Blazor WebApp option in the Layered Solution Template, it ge
 
 The Blazor client application communicates with the server by sending HTTP requests to the `*.Blazor` application.
 
-### Maui Blazor (Hybrid)
+### Maui Blazor (Hybrid) **\***
 
 Maui Blazor (Hybrid) enables building cross-platform applications that combine Blazor for the UI with .NET MAUI for native device integration. It is suitable for building apps that work across desktop and mobile platforms.