ASP.NET Identity in MVC Framework

July 08, 2019 0 Comments A+ a-

ASP .Net
In this article we discuss about the basic of ASP .NET identity, creating identity and it's uses.
ASP.NET offers Forms Authentication as one of the authentication schemes. Developers can use Forms Authentication in combination with membership, roles and profile features to provide security to their web applications.
Identity is used for identifying the authorized user and protecting their application from unauthorized user.
When you create application with identi model then application will configure the all the setting for authentication such as account model, manage model , account controller, manage controller and identity DbContext etc.

Now we will account model details

  • LoginViewModel - It's used to login page for interacting data between login view and login action.
  • RegisterViewModel - It's used to register page for interacting data between register view and register action. When new user wants to create his/her id in your application. 
  • ResetPasswordViewModel - Similar way it is used to reset the password for his/her password
  • ForgotPasswordViewModel - It interacting data between forgot password view and forgot password action.
AccountViewModels
 
public class LoginViewModel
    {
        [Required]
        [Display(Name = "Email")]
        [EmailAddress]
        public string Email { get; set; }

        [Required]
        [DataType(DataType.Password)]
        [Display(Name = "Password")]
        public string Password { get; set; }

        [Display(Name = "Remember me?")]
        public bool RememberMe { get; set; }
    }

    public class RegisterViewModel
    {
        [Required]
        [EmailAddress]
        [Display(Name = "Email")]
        public string Email { get; set; }

        [Required]
        [StringLength(100, ErrorMessage = "The {0} must be at least {2} characters long.", MinimumLength = 6)]
        [DataType(DataType.Password)]
        [Display(Name = "Password")]
        public string Password { get; set; }

        [DataType(DataType.Password)]
        [Display(Name = "Confirm password")]
        [Compare("Password", ErrorMessage = "The password and confirmation password do not match.")]
        public string ConfirmPassword { get; set; }
    }

Now we will manage model details

  • ChangePasswordViewModel - It's used to change password page for interacting data between change password view and change password action. 
  • AddPhoneNumberViewModel - It's used to add phone number page for interacting data between add phone number view and add phone number action.
It has also other model like SetPasswordViewModel,VerifyPhoneNumberViewModel
ManageLoginsViewModel
 
 public class SetPasswordViewModel
    {
        [Required]
        [StringLength(100, ErrorMessage = "The {0} must be at least {2} characters long.", MinimumLength = 6)]
        [DataType(DataType.Password)]
        [Display(Name = "New password")]
        public string NewPassword { get; set; }

        [DataType(DataType.Password)]
        [Display(Name = "Confirm new password")]
        [Compare("NewPassword", ErrorMessage = "The new password and confirmation password do not match.")]
        public string ConfirmPassword { get; set; }
    }

    public class ChangePasswordViewModel
    {
        [Required]
        [DataType(DataType.Password)]
        [Display(Name = "Current password")]
        public string OldPassword { get; set; }

        [Required]
        [StringLength(100, ErrorMessage = "The {0} must be at least {2} characters long.", MinimumLength = 6)]
        [DataType(DataType.Password)]
        [Display(Name = "New password")]
        public string NewPassword { get; set; }

        [DataType(DataType.Password)]
        [Display(Name = "Confirm new password")]
        [Compare("NewPassword", ErrorMessage = "The new password and confirmation password do not match.")]
        public string ConfirmPassword { get; set; }
    }
Account Controller :-
It contains action methods and constructor, now we will discuss each.

  • AccountController() - This is the constructor of the Account controller and initializes UserManager and RoleManager. 
  • Login(string returnUrl) - This action method return login view. 
  • Login(LoginViewModel model, string returnUrl) - it is post action of login. It is used to login the user. 
  • Register() - This action method returns Register view to the user. 
  • Register(RegisterViewModel model) - It is the post action of register method. Itis creating a user account. 
  • ForgotPassword() - It render the forgot password view
  • ForgotPassword(ForgotPasswordViewModel model) - It is post action of forgot password method and finding email adress from databse and sending verfication code to email. 
  • ResetPassword(string code) - It render reset password view. 
  • ResetPassword(ResetPasswordViewModel model) - It post action of reset password method and used to reset password. 
  • LogOff() - When user click on logout button from any view and it will removing the authenticating cookies.

We will create the application.
MVC Identity Application
Fig - 1
MVC Identity Application
Fig - 2
MVC Identity Application
Fig - 3
MVC Identity Application
Fig - 4

User
A user object contains the basic authentication details like user id, password and profile details (phone number, email address, etc). ASP.NET Identity comes with the IdentityUser class that captures basic authentication information.
Role
A Role object contains a user's role details. the Identity Role class of asp .net identity provides the basic role.
User Manager
A user manager is a class the allows to manage adding / removing users to a role, creating user accounts, changing passwords, removing user accounts and such tasks can be performed using a user manager.
Role Manager
A Role Manager is a class that allows you to manage roles. creating a role, checking whether a role exists in the system, removing a role and such tasks can be performed using a role manager.