I'm new to ASP.NET MVC 4 framework, before I developed .NET web apps using ASP.NET Web Forms.
In my new project (I'm updating an existing Web Form project) I need to implement Form authentication and role based authorization to pages and functionalities.
Following some articles and StackOverflow answers I'm trying to use SimpleMembershipProvider but I'm finding several difficulties to configure it and in integration with my existing DB.
In particular cannot use my existing user accounts table...
I'm using SQL Server 2005 and now I'm upgrading from Linq-to-SQL to EntityFramework.
Can you suggest me the best way to implement authentication and role authorization in ASP.NET MVC4?
It depends how custom you need:
1) Try something, that exists already. As long as you're using EF, you may try https://efmembership.codeplex.com. Haven't tried it, but from first look, looks reasonable and configurable. There are also other MembershipProvider implementations on nuget gallery if previous one does not fit.
2) If really nothing fits into your scenario from existing in nuget gallery, implement membership provider by your self. Example may be here: http://blog.ianchivers.com/2012/03/entity-framework-custom-membership.html or there even video how to do it: http://www.asp.net/web-forms/videos/how-do-i/how-do-i-create-a-custom-membership-provider
Related
I would like to write a SPA application in React that will communicate with the .net core API.
I think it would be easier to have two separate projects (API + UI) on different domains.
API should be protected, that only authenticated users could make requests.
In react i'd like to have login and registration forms that will allow me to register and login users, and also I would like to have social providers. I would like to create whole UI for managing users in react SPA, and saving this data using API.
I did a lot of research, and I'm a little confused.
I would really like to use Core Identity because it simply looks like made for it
https://learn.microsoft.com/en-us/aspnet/core/security/authentication/identity?view=aspnetcore-5.0
it has a ready to go model of Users, Claims, Roles etc.
it has built in services for managing passwords, users, roles etc
it has features to customize authentication schemes, policies, roles etc,
there are lot of reasons why i think this is a good solution.
Unfortunatelly, on the documentation site there is an information that for SPA integration it works combined with Identity Server.
https://learn.microsoft.com/en-us/aspnet/core/security/authentication/identity-api-authorization?view=aspnetcore-5.0
Last year I went throug every episode of this tutorial https://www.youtube.com/watch?v=Fhfvbl_KbWo&ab_channel=RawCodingRawCoding (btw. great tutorial), and I'm pretty sure, that I don't want to use Identity Server 4 for this scenario. As far as I know - this is the best solution when you want to have SSO for multiple applications, and you would like to provide one common way to authenticate user for all of it. And it has it's own UI for managing user registration, login and managing. This is not what I need - I just want to have it all written in React, cause I want all application to have the same mui theme without redirects to Identity Server.
But maybe I'm wrong, and Identity Server will work for me. But I found it to be quite lot of work to provide my own UI rather than MVC
(https://medium.com/#piotrkarpaa/using-spa-react-angular-ui-with-identity-server-4-dc1f57e90b2c)
For now I think, that I should use Identity Core on the backend, and communicate with it from React SPA with custom controllers like in here:
https://www.c-sharpcorner.com/article/authentication-and-authorization-in-asp-net-core-web-api-with-json-web-tokens/
Authenticating React SPA with API with JWT token - I think that this will work according to this example:
https://www.youtube.com/watch?v=FSUa8Vd-td0&ab_channel=Geek%27sLesson - but in here this is without Identity Core.
But I'm not sure that this is the best approach, and I don't know if I will be able to add Social Providers this way.
Also, I found serveral tutorials how to comine React App with .net core backend (and authentication) like this one:
https://www.red-gate.com/simple-talk/development/dotnet-development/integrate-create-react-app-with-net-core-5/
but I would like to have two separate applications, API and UI.
What is the best approach to achieve this goal?
EDIT:
Few months later, I already have SPA application, API and IS4. There is lot of problems to make Identity Server views (registration, login etc) look similar to SPA Application. (React app in MUI, MVC with bootstrap... ).
Now I think it was a bad decision, causing lot of problems:
2 way integration of users from API and Identity Server 4
changes in SPA layout, styles, colors - it all needs to be maintened on Identity Server 4 too
Bad user expirience - editing user profile on another application, on another domain with slightly different styles
Now I'm about to rewrite application, not to use Identity Server 4. Components for registration, login and editing user profile will be in SPA application, maintaining users will be done using API.
The only think I do not know is how can I use social providers with this aproach?
My question is still remaining without answer, can someone help me with providing proper solution?
Finally I found proper solution for me:
https://mahdikarimipour.com/blog/google-auth-for-react-with-aspnet-identity
thank you for your post: Mahdi Karimipour
I could really use some help. I'm newer to C# and ASP.Net MVC 5. I currently have an internal website that I've build that will run on IIS. The final component I need to work out is authorization. This has been surprisingly hard to find. The biggest issue I have found is that Microsoft has changed the way to handle this multiple times. It appears to me that membership, universal membership, and simple membership are no longer used and the way to do things now is with Identity. As I didn't know what I was looking for at first I looked into all of these at least some as I was under the impression that identity was a .Net Core thing. All of the blog posts and tutorials seems to deal with outside web sites that the user would log into. That isn't what I need. Also, most of the answers are really old, so I'm not sure if this is the modern way of doing things.
My shop currently uses ASP.NET MVC 5 (not core) and we have on premise active directory (AD). What I want to accomplish is to have all AD users have access to the site. Then have a page where I can grant select users admin privileges so they can manage their staff. I'm currently using a code first approach with Entity framework, which I'm also new to. I had planned to use the [Authorize] attribute to accomplish this, but again, I'm a bit lost in what I need to do to hook this all up.
So my questions is: Using code first with Entity Framework, how can I use AD for my authentication and Identity for my authorization when my site will run on IIS? Also, should I be using Identity?
My roles will be pretty simple. Probably Admin and Manager. Admin will have access over everything, Manager will have access over there section.
Any help is greatly appreciated. Thank you.
I have an existing web application that is already using Identity 2.0 and the basic login functionality that comes with creating a new MVC 5 web app on the Azure cloud with the "Individual Accounts" setting set (the MVC app was created with VS 2013 update 4).
I want to add more data to my user model such as role (Guest, Member, Moderator, Admin) so that they have different experiences and options available to them on the web application.
I have been working on this problem for a few weeks and the only success I have found is with the following:
http://typecastexception.com/post/2014/06/22/ASPNET-Identity-20-Customizing-Users-and-Roles.aspx
http://typecastexception.com/post/2014/08/10/ASPNET-Identity-20-Implementing-Group-Based-Permissions-Management.aspx
The problem I am having with these tutorials is that they require you to create a brand new project and use the Identity 2.0 sample project which adds a significant amount of views and controllers that make the project very hard to understand what is going on:
PM> Install-Package Microsoft.AspNet.Identity.Samples -Pre
Is this really the best tutorials out there for implementing this functionality? I feel like the addition of two controllers, X number of views, and the repetition that comes with just adding a simple thing such as an address (as demonstrated in the first link) shouldn't be an undertaking where I am writing near identical code in over 5-8 places.
Are there any other good tutorials that are recommended for me to do that will show me how to add roles to each user, and then be able to tailor the experience of the website by role?
Thank you for any help in this matter.
I have an application which is in .NET Framework version 4.5. It uses Web Forms and EntityFramework 6.1.1.
The EntityFramework's Context object is of type ObjectContext. I'm using ASP.NET Membership(the MembershipProvider is customized i.e Custom Membership) for managing the user account related operations.
I want to migrate my Web Forms application to ASP.NET Identity.
According to http://www.asp.net/identity/overview/migrations/migrating-an-existing-website-from-sql-membership-to-aspnet-identity article I think I have to do the following things to migrate to the ASP.NET Identity:
Convert the ObjectContext to DbContext(and correct the related codes)
Create the new tables needed for ASP.NET Identity and do the data migration.
Redefine the account section codes and other dependent codes as needed to match the business logic.(optional)
I have few questions in my mind:
1) I have customized the membership User table and there are several custom foreign keys associated with the User table. Will it still be feasible to migrate to the Identity system without losing any data?
2) As I'm using EntityFramework so DbContext is needed to migrate to Identity system. Can I use ObjectContext for ASP.NET Identity migration?
3) I'm NOT using all the Membership tables as listed at http://i1.asp.net/media/48109/image006.png?cdn_id=2014-11-11-001. (i.e aspnet_Applications, aspnet_Membership, aspnet_Paths, aspnet_PersonalizationAllUsers, aspnet_PersonlizationPerUser, aspnet_Profile, aspnet_Roles, aspnet_SchemaVersions, aspnet_Users, aspnet_UsersInRoles, aspnet_WebEvent_Events)
But I am using Application, User, Role, UserInRole, Profile tables only. Can I still migrate these table in order to use the ASP.NET Identity?
I'm ready to provide more information you may need to understand my current scenario.
I'm looking for the correct steps to migrate to Identity, any caution I need to take care, any hurdles I will face? Any help is highly appreciated.
Dave Paquette wrote this http://www.davepaquette.com/archive/2013/12/30/so-you-inherited-an-asp-net-web-forms-application.aspx
This may be the answer to your problem. Once you have integrated your Web Forms project to MVC, there are plenty of guides online to integrate the new Identity 2.0.
I have been scouring the internet trying to find a solution to this problem. I have altered the role and membership providers to use SimpleMembership, but it is still referencing the old ("aspnet_XXX") tables. I have found this solution, but it seems like it is only dealing with the user data and moving it over to the new tables. Maybe I'm just reading it wrong. Anyone have any advise on the matter?
If you haven't gone deep, I would to suggest to convert to new ASP.Net Identity comes with MVC 5.
Microsoft has replaced SimpleMembership with ASP.Net Identity.
Introducing ASP.NET Identity – A membership system for ASP.NET applications
Forms authentication using ASP.NET Identity & VS 2013 Preview