Introducing ASP.NET Identity – A membership system for ASP.NET applications

Introducing ASP.NET Identity – A membership system for ASP.NET applications

Rate This
  • Comments 51

ASP.NET Identity is the new membership system for building ASP.NET web applications. ASP.NET Identity allows you to add login features to your application and makes it easy to customize data about the logged in user.

[Update] Please visit  ASP.NET Identity for getting the latest information about ASP.NET Identity project and learning more on how to get started and migrate from earlier membership systems.

Features

Following are some of the feature of the ASP.NET Identity system

  • One ASP.NET Identity system
    • ASP.NET Identity can be used with all of the ASP.NET frameworks such as ASP.NET MVC, Web Forms, Web Pages, Web API and SignalR
  • Ease of plugging in profile data about the user
    • When you create new users in your application, it is now easy to add extra information about the user. For eg.. if you wanted to add a Birthdate option for users when they Register an account in your application.
    • ASP.NET Identity uses Entity Framework Code First and it is possible to extend the POCO classes.
  • Persistence control
    • By default the ASP.NET Identity system will store all the user information in a database. ASP.NET Identity uses Entity Framework Code First to implement all of its persistence mechanism.
    • If your application requirements are that this information might be stored in a different storage mechanism such as SharePoint, Azure Table Service, No Sql databases etc. it is now possible to plug in different storage providers.
  • Unit testability
    • ASP.NET Identity makes the web application more unit testable. You can write Unit Tests for the parts of your application that use ASP.NET Identity
  • Simple Role provider
    • There is a Simple Role providers which lets you restrict access to parts of your application by Roles. You can easily create Roles such as “Admin” and add Users to Roles.
  • Claims Based
    • ASP.NET Identity supports claims-based authentication, where the user’s identity is represented as a set of claims. There is a Claims
  • External Logins 
    • You can easily add external logins such as Microsoft Account, Facebook, Twitter and Google to your application store the user specific data in your application using this system.
    • You can also add login functionality using Windows Azure Active Directory and store the user specific data in your application using this system.

How do I get it?

ASP.NET Identity is used by ASP.NET Web Forms, MVC and SPA templates in Visual Studio 2013. it is also available as Nuget packages on the Nuget gallery

  • Nuget packages
    • Microsoft.Aspnet.Identity.Core
      • This package contains the core interfaces of ASP.NET Identity.
      • core
    • Microsoft.Aspnet.Identity.EntityFramework
      • This package contains the implementation of ASP.NET Identity system which works with Entity Framework. This means that if you use this package then you can store information in a Sql Server database.
      • ef 
  • VS 2013 preview
    • The ASP.NET Web Forms, MVC and SPA templates have 1.0.0-alpha1 version of ASP.NET Identity
  • ASP.NET and Web Tools 2013 Preview Refresh (Supports English version of VS2013 Preview only)
    • The ASP.NET Web Forms, MVC and SPA templates have 1.0.0-beta1 version of ASP.NET Identity
    • You can download the Preview refresh by clicking the above link
    • Following are the notable changes from 1.0.0-alpha1 – 1.0.0-beta1
      • In these templates you no longer need IdentityConfig.cs
      • Lots of public APIs were changed for renames and refactoring of code.
      • Transactions support was added to the framework.

 

Sample to add profile data

The following video video(mark 55min) http://channel9.msdn.com/Events/TechEd/NorthAmerica/2013/DEV-B314#fbid=fEhPNbmXE9- gives you a sneak peak into the features.

You can download a sample from https://github.com/rustd/AspnetIdentitySample. This is based on the ASP.NET MVC template that shipped with ASP.NET and Web Tools 2013 Preview Refresh (Supports English version of VS2013 Preview only) Once you have this Preview Refresh installed you can do the same for ASP.NET Web Forms and SPA applications.

Please do stay tuned to this blog for upcoming posts where I will dive into the various other features in this system.

  • Hi I'd like to second both @Piggy's and @Martin's comments.

    ...basically, this new Identity seems like a clean solution, but most of us will have an existing database and are already using Int32 for the identity field of an existing Users table.

    How can we integrate this?  Many of us don't have the luxury of using File>New

    A basic blog post would be great showing how to connect Identity to an existing system (as in how to tweak the Identity defaults instead of existing databases.)

  • I'm trying to customize the membership system that's included with MVC 5 and Visual Studio 2013, using the Microsoft.AspNet.Identity classes.  The databases are created by Entity Framework, but it fails at trying to register a local account.  I've posted my code to StackOverflow (URL below), so I won't post it all here.  Could someone take a look at what I've done and let me know why it's failing?

    stackoverflow.com/.../custom-membership-with-microsoft-aspnet-identity-createlocaluser-fails

    Thanks so much,

    Vito

  • Where is example to add user Role.

  • Is there any information available on how to work with the identity system and use a custom storage provider?

  • Between the Video, Sample and a search no the net, I find examples that uses user level Identity. So far I'm not finding any examples that use the Simple Role Provider functionality.

  • In IRoleStore, wouldn't it be more semantically correct to call the method GetUsersInRole, rather than GetUsersInRoles since you are getting the users in a single role, not multiples roles.

  • @Vance: thank you for pointing it out. We'll update the API

  • This is a great feature!!!  How can I get this to work with the LightSwitch HTML client?

  • Why Microsoft.Aspnet.Identity.EntityFramework have these two dependencies?

    Microsoft.Owin.Security.Forms (≥ 1.1.0-beta2)

    Microsoft.Owin.Host.SystemWeb (≥ 1.1.0-beta2)

    It doesn't use those in the code.

  • I installed this preview refresh, created a new web project, and just ran it, but the login page didn't work,

    the error message:

    No owin.Environment item was found in context.

    just like this post

    connect.microsoft.com/.../new-webform-app-login-crashes-no-owin-environment

  • One question...does the IdentityDbContext actually work for Roles?

    because all of these return true yet absolutely nothing is written to the database. there are also no exceptions.

                   if (await AuthenticationManager.CheckPasswordAndSignIn(HttpContext, model.UserName, model.Password, model.RememberMe))

                   {

                       var createRole = await RoleStore.CreateRole(new Role("amazingRole"));

                       var result = await RoleStore.AddUserToRole("amazingRole",model.UserName);

                       var exists = await RoleStore.RoleExists("amazingRole");

                       return RedirectToLocal(returnUrl);

                   }

  • never mind.

    calling SaveChanges could be a good idea :D

  • Ok but this makes me wonder why RoleStore doesn't expose the DataContext like IdentityStoreManager and IdentityAuthenticationManager ?

    Don't really see a real need in creating a custom class which uses RoleStore as base just to get the context property.

    Are there any samples out there on how to use RoleStore correctly?

  • Doesn't work for me because of this bug: connect.microsoft.com/.../new-webform-app-login-crashes-no-owin-environment

    Any ideas when it will be fixed?

  • @Suthep: There will be a blog post to outline how to migrate from an existing database

Page 2 of 4 (51 items) 1234