This document provides an introduction and overview of ASP.NET Identity. It discusses how ASP.NET Identity is the new membership system for building ASP.NET web applications and allows using social identities like Windows Live, Gmail, Facebook and Twitter for authentication. The document outlines key features of ASP.NET Identity like extended user account definitions, two-factor authentication, account confirmation and management of users and roles. It also lists required packages and describes important pieces of ASP.NET Identity like User, Role, User Manager, Role Manager and Authentication Manager. Finally, it provides references for further reading on ASP.NET Identity.

1. iFour ConsultancyASP.NET Identity

2. Introduction
 A major challenge in any web application is implementing its security
 In traditional web development with ASP.NET (from version 2.0 onwards), we have been
using Membership and Role providers
 These providers allows us to define Roles, Users and assign roles to users which helps us to
manage Authorization. But with an increase in social networking and global authentication
providers, we needed an upgraded membership system
 ASP.NET Identity is the new membership system for building ASP.NET web applications,
phone, store, or hybrid applications using social identities for authentication and
authorization
 So, Now use Windows Live (e.g. Hotmail), Gmail, Facebook and Twitter for authentication
before the user starts using our web application

3. Features
 Extended User Account Definition, including Email and contact information
 Two-Factor Authentication via email or SMS messaging, functionally similar to that used by
Google, Microsoft, and others
 Account Confirmation via email
 Administrative management of Users and Roles
 Account Lock-Out in response to invalid log-in attempts
 Security Token Provider to regenerate a user's security token in response to changes in
security settings
 Improved support for Social log-ins
 Easy Integration of Claims-Based Authorization

4. Required Packages
Install-Package EntityFramework
Install-Package Microsoft.AspNet.Identity.Core
Install-Package Microsoft.AspNet.Identity.EntityFramework
Install-Package Microsoft.AspNet.Identity.Owin
•A markup language is a set of markup tags

5.  By default when an ASP.NET MVC default application is run and auto migration is on,
registering a user automatically creates following table (starting with Asp..) in the database
 AspNetRoles - stores roles information contains Id and Name columns
 AspNetUsers - stores users information contains Id, UserName, PasswordHash, SecurityStamp and
Discriminator columns
 AspNetUserRoles - stores user and role id contains UserId and RoleId columns
Managing Roles in ASP.NET Identity

6. Configuration Steps
 Visual Studio project templates allow to use ASP.NET Identity for securing the web
application being created, Have a look at the following figure that shows the project
template dialog of Visual Studio
•A markup language is a set of markup tags

7. Configuration Steps
 When select MVC project template see the Change Authentication button enabled.
Clicking on the button will open the Change Authentication dialog as shown above
 The default selection of "Individual User Accounts" indicates that user account information
will be stored in the application database
 If create an MVC project with this default selection, find that the project template includes
AccountController and associated views for registering new users as well as for
authenticating users
•A markup language is a set of markup tags

8. Important pieces of ASP.NET Identity
 User
 Role
 User Manager
 Role Manager
 Authentication Manager
•A markup language is a set of markup tags

9. Important pieces of ASP.NET Identity
 User
 Represents a user of the system
 The basic authentication details such as user ID and password as well as profile information of a
user make a User object
 ASP.NET Identity comes with the IdentityUser class that captures basic authentication information
 If need to capture profile information, then create a custom class that inherits from
the IdentityUser base class
 This class is analogous to the MembershipUser class of the ASP.NET membership system.
•A markup language is a set of markup tags

10. Important pieces of ASP.NET Identity
 Role
 Represents a user role
 At a minimum a role has a name with which it is identified in the system
 The IdentityRole class of ASP.NET Identity provides this basic role
 If add some more pieces to the role (say description of a role) then create a custom class
that inherits from the IdentityRole base class
•A markup language is a set of markup tags

11. Important pieces of ASP.NET Identity
 User Manager
 A class that allows you to manager users
 Creating user accounts, removing user accounts, changing passwords, adding / removing
users to a role and such tasks can be performed using a user manager
 ASP.NET Identity comes with the UserManager class that can be used for this purpose
•A markup language is a set of markup tags

12. Important pieces of ASP.NET Identity
 Role Manger
 A class that allows you to manage roles
 Creating a role, removing a role, checking whether a role exists in the system and such
tasks can be performed using a role manager
 ASP.NET Identity provides the RoleManager class that can be used for this purpose
•A markup language is a set of markup tags

13. Important pieces of ASP.NET Identity
 Authentication Manager
 Authenticating a user - signing in and signing out a user - is the responsibility of
Authentication Manager
 The local user accounts can use cookie based authentication similar to Forms
Authentication
 ASP.NET Identity provides the IAuthenticationManager interface that represents an
authentication manager
 An authentication manager is similar to the FormsAuthentication class of ASP.NET
•A markup language is a set of markup tags

14. UserManger Methods
 FindByIdAsync(id) : Find user object based on its unique identifier
 Users : Returns an enumeration of the users
 Find(Username, Password) : Find User Login (If exist or not)
 FindByNameAsync(Username) : Find user based on its Username
 CreateAsync(User, Password) : Creates a new user with a password
 GenerateEmailConfirmationTokenAsync(Id) : Generate email confirmation token which is used in email confirmation
 SendEmailAsync(Id, Subject, Body) : Send confirmation email to the newly registered user
 ConfirmEmailAsync(Id, token) : Confirm the user email based on the received token
 ChangePasswordAsync(Id, OldPassword, NewPassword) : Change user password
 DeleteAsync(User) : Delete user
 IsInRole(Username, Rolename) : Check if a user belongs to certain Role
 AddToRoleAsync(Username, RoleName) : Assign user to a specific Role
 RemoveFromRoleAsync(Username, RoleName) : Remove user from specific Role
•A markup language is a set of markup tags

15.  https://www.asp.net/identity/overview/getting-started/introduction-to-aspnet-identity
 https://docs.microsoft.com/en-us/aspnet/core/security/authentication/identity
 http://tektutorialshub.com/asp-net-identity-tutorial-basics/
References

16. Questions?

17.  Create and Configure ASP.NET Identity MVC application
 Implement following functionalities using ASP.NET Identity :
• Login
• Register
• Add User to Roles
• Remove User from Roles
• Forgot Password
• Change Password
• Reset Password
• Get User
• Get All Users
• Get User Roles
• Get Current Login User
• Get Role
• Get All Roles
• SignOut
Practical