I need to change my primary key for my ASP.NET Identity users. I have a similar issue like here Changing User Name breaks ASP.NET Identity BUT I am using blazor.
I found according documentation from Microsoft https://learn.microsoft.com/en-us/aspnet/identity/overview/extensibility/change-primary-key-for-users-in-aspnet-identity BUT it is only for Webforms and MVC.
Any idea how I can change the primary auth key from Username to Email?
Related
I'm using a ASP.NET Identity OAuth token to log in my Xamarin forms user. I would like to have the token be provided only when a specific bool column in the AspNetUser table is true.
This bool column is essentially asking "Is this user allowed to log into the Xamarin app?: Yes/No".
Is there a way to achieve this using tokens?
This seems like an obvious use case but I can't seem to find any explanation describing the best way to save Cognito user related data internally in a database. So for example, I can create a client side application (I'm using React and Amplify) to login using Cognito and then pass the Idtoken as a bearer token to the Web API. I can even call cognito to authorize access to controller methods on my backend web api (.net core). What I can't seem to figure out to get a unique identifier for the user so I can relate information using the User ID as a foreign key in my backend database.
For example, I have a User that can create Comments. In my database, comment has a userID column. How can I get the userID from cognito to save the comment? So if I have a method GetAllCommentsForUser, I can pass the bearer token, retrieve the unique user ID and then query the db? Am I missing something because again it seems like a pretty common scenario.
You can use the getId API call to retrieve the unique sub id of the user related to the identity pool. You can write your IAM policies dynamically to include the sub variable which is linked to this id. So, for example, you can create a "folder" in s3 with name as the sub id of user. Your dynamically written policy will then restrict the user so that he can only access files inside the folder.
In your use case you can put the sub as userId in your table.
I am working on a startup project in .NET Core, with using the Entity Framework Core, version 1.1. It is a typical ASP.NET Core MVC application, with three roles: user, basic admin and super admin. Due to budget and customer requirements, both types of admin roles will have direct access to the database.
Now, one of the fields each User table has is SecurityAnswer, which is the correct response to a security question. The answer should be visible and editable only by the user himself and the super admin. Due to basic admins' direct access to the database, this cannot be handled in the application layer and the data have to be encrypted also in the database. I have seen several similar posts on StackOverflow, but all of them solve my problem only partially.
My questions are:
How do I encrypt/decrypt data only for a particular user/user role?
Where do I securely store the encryption/decryption key?
situation is as follows:
I have an existing MVC 5 application and created some very, very basic log-in functionality for it. I just have a table for users and passwords in my database, and use forms authentication to check if a user exists (and some actions can only be done if you are logged in).
Now I would like to extend the authentication system to use roles. From what I gather, I need to make a table in the database with roles, and of course give users a field that contains their role.
But I don't know how I could then use that information in my MVC application for authentication (using that nice [Authorize(Roles="admin")] syntax). All the examples i found for using the identity system use the template site, which I did not use to create this app (I started from an empty project).
From my understand i think you can Use the User.IsInRole() method or AuthorizeAttribute to verify the user in a particular role instead of Membership method or identity method.
I have an asp.net application and a login table with fields username,password,role,emailid etc. which is being used for Login purposes in the application. When I created the application I had no idea of membership in ASP.NET.(being a beginner)
Can I map this table to the ASP.NET Membership code without changing the original login table,
Because the same table is updated in forgot password functionality also.
My application will also become secured when Membership code is implemented.
Custom membership provider would be the way to go:
How do I create a custom membership provider for ASP.NET MVC 2?
http://www.codeproject.com/Articles/165159/Custom-Membership-Providers
http://msdn.microsoft.com/en-us/library/ms366730(v=vs.100).aspx
If you are storing your passwords in the database in cleartext then you should be able to write a little bit of code to programmatically loop through your existing users and recreate your them under ASP.NET's membership provider. Look into the Membership.CreateUser method and its various overloads. Keep in mind that there are multiple providers to choose from these days, so be sure you choose the one that's right for your application.
If you have any foreign key references pointing to your existing Users database table you'll just need to do a little bit of rewiring as well, but if my original assumption that you have the passwords available unhashed is correct this shouldn't be too difficult.
You may want to also look here and here for more help.