+——————+——————+ | Table | Description | +——————+——————+ | AspNetUsers | The users. | | AspNetRoles | The roles. | | AspNetUserRoles | Roles of users. | | AspNetUserClaims | Claims by users. | | AspNetRoleClaims | Claims by roles. | +——————+——————+ A role is something assigned to a user. Eg. Jane is an admin. A … Read more
I have written a step-by-step article on how to add email confirmation when using ASP.NET Identity. You can get the source code here in the project folder AspNetIdentity\AspNetIdentityRefApp. I have also created a service layer that encapsulates ASP.NET Identity, making it easier to incorporate in new MVC 5 applications and mimics the WebSecurity API used … Read more
Not an expert, but … There seemed to be no built in funcionality for this in Identity and I could not get it work from built in Roles also (it seems to not work with claims based Identity). So I ended up doing something like this: var users = context.Users .Where(x => x.Roles.Select(y => y.Id).Contains(roleId)) … Read more
I think you are mixing two things here. Expression trees and delegates. Lambda can be used to express both of them, but it depends on the type of parameter the method accepts in which one it will be turned. A lambda passed to a method which as Action<T> or Func<T, TResult> will be converted into … Read more
I have found working with ASP.Net Identity 2.0 and EF6 a bit challenging. The biggest drawback is the lack of documentation or conflicting documentation. I am using WebApi 2.0, EF6 and ASP.Net Identity 2.0. At first it was tough to get going but once it’s working, it’s been good. I created my own Identity classes. … Read more
@Roman references some good articles that looks at the pros and cons of ASP.NET Identity and the membership provider model. ASP.NET Identity gets away from the membership provider model, which I believe is a good thing. There are some definite problems with Simple Membership when you wanted more advanced security features and if it was … Read more
Just hit AD with the username and password instead of authenticating against your DB // POST: /Account/Login [HttpPost] [AllowAnonymous] [ValidateAntiForgeryToken] public async Task<ActionResult> Login(LoginViewModel model, string returnUrl) { if (ModelState.IsValid) { var user = await UserManager.FindByNameAsync(model.UserName); if (user != null && AuthenticateAD(model.UserName, model.Password)) { await SignInAsync(user, model.RememberMe); return RedirectToLocal(returnUrl); } else { ModelState.AddModelError(“”, “Invalid username … Read more
Regarding the use of guid, there is a point of view that promotes using ids without “meaning” in order to completely separate the identifier from the data surrounding it; this id shouldn’t be visible from outside the datastore. If we look at some characteristics of a surrogate key, we have the following the value is … Read more
1) Normalization stops people registering user names which only differ in letter casing. 2) No – those fields are part of the basic data model.
Run this SQL Script on the database. /****** Object: Table [dbo].[AspNetRoles] Script Date: 15-Mar-17 10:27:06 PM ******/ SET ANSI_NULLS ON GO SET QUOTED_IDENTIFIER ON GO CREATE TABLE [dbo].[AspNetRoles]( [Id] [nvarchar](128) NOT NULL, [Name] [nvarchar](256) NOT NULL, CONSTRAINT [PK_dbo.AspNetRoles] PRIMARY KEY CLUSTERED ( [Id] ASC )WITH (PAD_INDEX = OFF, STATISTICS_NORECOMPUTE = OFF, IGNORE_DUP_KEY = OFF, ALLOW_ROW_LOCKS … Read more