CS296N Web Development 2: ASP.NET                                              
Brian Bird

User Management with ASP.NET Identity

Week 1, Session 2

Topics by week
1. Intro to course and Identity
6. Creating a Web Service
2. Authorization and Role Management
7. Consuming a Web Service, Async / Await
3. Security
8. Docker Containers
4. Load Testing and Performance
9. Microservices
5. Midterm, Bootstrap and Front-End Libraries 10. TBD



Today's objective

How to use ASP.NET Core Identity to create and manage user accounts




ASP.NET Core Identity

A class library (an API) for:

Adding Identity to a web app

Follow the steps in Freeman, Ch. 28 through the end of "Setting up the User Classes", but skip "Creating a Controller and View"

  1. Modify your application's DbContext class to inherit from IdentityDbContext
    • All you need to do is change the inheritance
    • Don't add a new DbSet for Identity, that will be done by the parent class
  2. In Startup.cs, ConfigureServices, add:
    services.AddIdentity() .AddEntityFrameworkStores() .AddDefaultTokenProviders();
    • The AddIdentity method has generic type specifiers for my user class and thethe built-in IdentityRole class for roles.
    • The AddEntityFrameworkStores method specifies that Identity should use Entity Framework Core to store and retrieve its data, using the application's database context class.
    • The AddDefaultTokenProviders method uses the default configuration to support operations that require a token, such as changing a password.
  3. In Startup.cs, Configure, add:
  4. Modify your user model so that the class inherits from IdentityUser
    The IdentityUser has these properties:
    • Id - This property contains the unique ID for the user.
    • UserName - This property returns the user’s username.
    • Claims - This property returns the collection of claims for the user, which I describe in Chapter 30.
    • Email - This property contains the user’s e-mail address.
    • Logins - This property returns a collection of logins for the user, which is used for third-party authentication, as described in Chapter 30.
    • PasswordHash - This property returns a hashed form of the user password, which I use in the “Implementing the Edit Feature” section.
    • Roles - This property returns the collection of roles that the user belongs to, which I describe in Chapter 29.
    • PhoneNumber - This property returns the user’s phone number.
    • SecurityStamp - This property returns a value that is changed when the user identity is altered, such as by a password change.
  5. Add a migration for the new user model and update the database

After adding Identity to your project, Inspect the database using SQL Server Object Explorer and note the new tables added by Identity. The tables listed below should have been created.

Add an admin controller and views:

Notes on Freeman Ch. 28





GitHub Repository:
AddIdentity branch

Next Class