.NET - Identity in ASP.NET Core

ASP.NET Core Identity - Complete Guide to Authentication and Authorization

Introduction to ASP.NET Core Identity

ASP.NET Core Identity is a membership system that adds login functionality to ASP.NET Core applications. It manages users, passwords, profile data, roles, and more. Identity is highly customizable and can be extended to meet your business requirements.

When building secure applications, managing user authentication and authorization is crucial. ASP.NET Core Identity provides a robust, extensible framework for handling these aspects securely and efficiently.

Key Features of ASP.NET Core Identity

  • User registration and login
  • Role-based authorization
  • Password hashing and validation
  • External login providers (Google, Facebook, etc.)
  • Email confirmation and password recovery
  • Two-Factor Authentication (2FA)

Installing ASP.NET Core Identity

To use Identity in your project, you typically start by creating a new ASP.NET Core Web Application using Individual User Accounts for authentication.

dotnet new webapp -o IdentityApp --auth Individual

This command scaffolds a Razor Pages app with Identity preconfigured.

Understanding Identity Core Classes

  • IdentityUser: Represents a user in the system.
  • IdentityRole: Represents a role that users can be assigned to.
  • UserManager<TUser>: Used to manage users (create, delete, update, etc.).
  • SignInManager<TUser>: Used to handle user login and logout.
  • RoleManager<TRole>: Used to manage roles.

Configuring Identity in Startup.cs

Identity is configured in Startup.cs or Program.cs, depending on the version of ASP.NET Core.

public void ConfigureServices(IServiceCollection services)
{
    services.AddDbContext<ApplicationDbContext>(options =>
        options.UseSqlServer(Configuration.GetConnectionString("DefaultConnection")));

    services.AddDefaultIdentity<IdentityUser>(options => options.SignIn.RequireConfirmedAccount = true)
        .AddRoles<IdentityRole>()
        .AddEntityFrameworkStores<ApplicationDbContext>();

    services.AddRazorPages();
}

Creating the Database and Applying Migrations

Once Identity is configured, you must create the database using migrations.

dotnet ef migrations add InitialCreate
dotnet ef database update

This will create all necessary tables like AspNetUsers, AspNetRoles, and AspNetUserRoles.

Registering a New User

The Identity system includes a fully functional registration system. You can create a user using the UserManager.

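var user = new IdentityUser { UserName = "john@example.com", Email = "john@example.com" };
// The password is validated against the configured password policy and stored only as a hash.
var result = await _userManager.CreateAsync(user, "SecurePassword123!");
// If validation fails, result.Succeeded is false and result.Errors lists the reasons.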

User Login and Logout

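// Logging in
// lockoutOnFailure: true makes failed attempts count toward account lockout.
var result = await _signInManager.PasswordSignInAsync(
    "john@example.com", "SecurePassword123!", isPersistent: false, lockoutOnFailure: true);

if (result.Succeeded)
{
    // Redirect to dashboard
}
else if (result.IsLockedOut)
{
    // Too many failed attempts: show a lockout page
}

// Logging out
await _signInManager.SignOutAsync();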

Managing Roles in ASP.NET Core Identity

Roles help in implementing authorization logic by grouping users.

Creating a Role

if (!await _roleManager.RoleExistsAsync("Admin"))
{
    await _roleManager.CreateAsync(new IdentityRole("Admin"));
}

Assigning a User to a Role

var user = await _userManager.FindByEmailAsync("john@example.com");
if (user != null) // FindByEmailAsync returns null when no account matches
    await _userManager.AddToRoleAsync(user, "Admin");

Checking User Role

if (await _userManager.IsInRoleAsync(user, "Admin"))
{
    // Grant admin privileges
}

Customizing the IdentityUser Class

You can extend IdentityUser to include more properties.

public class ApplicationUser : IdentityUser
{
    public string FullName { get; set; }
}

Then configure the app to use ApplicationUser (ApplicationDbContext must then derive from IdentityDbContext<ApplicationUser>):

services.AddDefaultIdentity<ApplicationUser>()
    .AddEntityFrameworkStores<ApplicationDbContext>();

Using Claims with ASP.NET Core Identity

Claims are key-value pairs that provide additional information about the user.

await _userManager.AddClaimAsync(user, new Claim("Department", "IT"));

You can access claims using:

var department = User.FindFirst("Department")?.Value;

Email Confirmation and Password Recovery

Identity supports secure email confirmation and password reset functionality.

Generate Confirmation Token

var token = await _userManager.GenerateEmailConfirmationTokenAsync(user);
var confirmationLink = Url.Action("ConfirmEmail", "Account", 
    new { userId = user.Id, token = token }, Request.Scheme);

Reset Password

var resetToken = await _userManager.GeneratePasswordResetTokenAsync(user);
// Send this token via email
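
The two snippets above only generate tokens. The following added example (not part of the original guide) shows the password-reset flow end to end: issuing the token without revealing whether an account exists, and consuming it with ResetPasswordAsync. The controller, action and view names are assumptions, and the GET actions that render the forms are omitted.

```csharp
using System;
using System.Text;
using System.Text.Encodings.Web;
using System.Threading.Tasks;
using Microsoft.AspNetCore.Identity;
using Microsoft.AspNetCore.Identity.UI.Services;
using Microsoft.AspNetCore.Mvc;
using Microsoft.AspNetCore.WebUtilities;

// Added example; controller, action and view names are assumptions.
public class PasswordResetController : Controller
{
    private readonly UserManager<IdentityUser> _userManager;
    private readonly IEmailSender _emailSender;

    public PasswordResetController(UserManager<IdentityUser> userManager, IEmailSender emailSender)
        => (_userManager, _emailSender) = (userManager, emailSender);

    [HttpPost, ValidateAntiForgeryToken]
    public async Task<IActionResult> Forgot(string email)
    {
        var user = await _userManager.FindByEmailAsync(email);
        // Unknown and unconfirmed addresses get the same response as valid ones,
        // so the form does not reveal which emails are registered.
        if (user != null && await _userManager.IsEmailConfirmedAsync(user))
        {
            var token = await _userManager.GeneratePasswordResetTokenAsync(user);
            // Base64url keeps '+', '/' and '=' in the token intact inside a URL.
            var code = WebEncoders.Base64UrlEncode(Encoding.UTF8.GetBytes(token));
            var link = Url.Action("Reset", "PasswordReset", new { code }, Request.Scheme);
            await _emailSender.SendEmailAsync(email, "Reset your password",
                $"<a href=\"{HtmlEncoder.Default.Encode(link)}\">Reset password</a>");
        }
        return View("ForgotConfirmation");
    }

    [HttpPost, ValidateAntiForgeryToken]
    public async Task<IActionResult> Reset(string email, string code, string newPassword)
    {
        var user = await _userManager.FindByEmailAsync(email);
        if (user == null) return View("ResetConfirmation"); // same view: no account disclosure
        string token;
        try { token = Encoding.UTF8.GetString(WebEncoders.Base64UrlDecode(code)); }
        catch (FormatException) { return BadRequest(); } // malformed code in the link
        // ResetPasswordAsync checks the token; expired, reused or forged tokens fail.
        var result = await _userManager.ResetPasswordAsync(user, token, newPassword);
        foreach (var e in result.Errors) ModelState.AddModelError(string.Empty, e.Description);
        return result.Succeeded ? View("ResetConfirmation") : View("Reset");
    }
}
```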

Two-Factor Authentication (2FA)

2FA adds an extra layer of security. Identity supports SMS, authenticator apps, and email-based 2FA.

Enable 2FA

var user = await _userManager.GetUserAsync(User);
await _userManager.SetTwoFactorEnabledAsync(user, true);

Using Identity with Razor Pages and MVC

When scaffolding Identity UI, Razor Pages are created under Areas/Identity/Pages/Account. You can customize registration, login, and other pages here.

dotnet aspnet-codegenerator identity -dc ApplicationDbContext

Securing Routes with Authorization

Identity allows you to protect routes using roles or policies.

[Authorize(Roles = "Admin")]
public class AdminController : Controller
{
    public IActionResult Index()
    {
        return View();
    }
}

Identity with External Providers

ASP.NET Core Identity supports social login providers like Google, Facebook, Microsoft, etc.

Add Google Login

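// Requires the Microsoft.AspNetCore.Authentication.Google package.
// Keep ClientId and ClientSecret in configuration or a secret store, not in source code.
services.AddAuthentication()
    .AddGoogle(options =>
    {
        options.ClientId = Configuration["Authentication:Google:ClientId"];
        options.ClientSecret = Configuration["Authentication:Google:ClientSecret"];
    });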

Identity Framework and ASP.NET Core Security

The Identity framework is deeply integrated with ASP.NET Core's security model. It helps prevent common vulnerabilities such as:

  • Brute force attacks
  • Session hijacking
  • Cross-site request forgery (CSRF)
  • Man-in-the-middle attacks (when combined with HTTPS)
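
Several of these protections depend on configuration. The following added example (not from the original guide) sets the lockout, cookie and security-stamp options that back the brute-force and session-hijacking items; the class and method names and all numeric values are illustrative assumptions.

```csharp
using System;
using Microsoft.AspNetCore.Http;
using Microsoft.AspNetCore.Identity;
using Microsoft.Extensions.DependencyInjection;

// Added example; IdentityHardening and AddHardenedIdentityOptions are hypothetical names.
public static class IdentityHardening
{
    public static IServiceCollection AddHardenedIdentityOptions(this IServiceCollection services)
    {
        services.Configure<IdentityOptions>(options =>
        {
            // Brute force: lock the account after repeated failed sign-ins.
            // Failures are only counted when PasswordSignInAsync is called
            // with lockoutOnFailure: true.
            options.Lockout.MaxFailedAccessAttempts = 5;
            options.Lockout.DefaultLockoutTimeSpan = TimeSpan.FromMinutes(15);
            options.Lockout.AllowedForNewUsers = true;

            // Password and account policy (values are illustrative).
            options.Password.RequiredLength = 12;
            options.User.RequireUniqueEmail = true;
        });

        services.ConfigureApplicationCookie(options =>
        {
            // Session hijacking: keep the auth cookie away from scripts and plain HTTP.
            options.Cookie.HttpOnly = true;
            options.Cookie.SecurePolicy = CookieSecurePolicy.Always;
            // SameSite limits when the cookie is sent on cross-site requests.
            options.Cookie.SameSite = SameSiteMode.Lax;
            options.ExpireTimeSpan = TimeSpan.FromMinutes(30);
            options.SlidingExpiration = true;
        });

        services.Configure<SecurityStampValidatorOptions>(options =>
        {
            // How often an existing cookie is re-checked against the user's security
            // stamp, so a password change invalidates old sessions within this interval.
            options.ValidationInterval = TimeSpan.FromMinutes(5);
        });

        return services;
    }
}
```

Call services.AddHardenedIdentityOptions() after the AddDefaultIdentity registration in ConfigureServices so these settings override the defaults.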

ASP.NET Core Identity is a powerful and flexible system that provides a complete solution for authentication and authorization in web applications. Whether you're building a small web app or a large enterprise system, understanding Identity is critical to securing your application and managing user access.

This guide has covered Identity configuration, user management, roles, claims, external logins, 2FA, and more to give you a solid foundation for implementing user authentication in ASP.NET Core.
