nach oben

2021 | Buch

Kapitel lesen Erstes Kapitel lesen

Pro ASP.NET Core Identity

Under the Hood with Authentication and Authorization in ASP.NET Core 5 and 6 Applications

verfasst von: Adam Freeman

Verlag: Apress

Enthalten in: Springer Professional "Wirtschaft+Technik" , Springer Professional "Technik" , Springer Professional "Wirtschaft"

Einloggen, um Zugang zu erhalten

Über dieses Buch

Get the most from ASP.NET Core Identity. Best-selling author Adam Freeman teaches developers common authentication and user management scenarios and explains how they are implemented in applications. He covers each topic clearly and concisely, and the book is packed with the essential details you need to be effective.

The book takes a deep dive into the Identity framework and explains how the most important and useful features work in detail, creating custom implementations of key components to reveal the inner workings of ASP.NET Core Identity. ASP.NET Core Identity provides authentication and user management for ASP.NET Core applications. Identity is a complex framework in its own right, with support for a wide range of features, including authenticating users with services provided by Google, Facebook, and Twitter.

What You Will Learn

Gain a solid understanding of how Identity provides authentication and authorization for ASP.NET Core applicationsConfigure ASP.NET Core Identity for common application scenarios, including self-service registration, user management, and authentication with services provided by popular social media platformsCreate robust and reliable user management toolsUnderstand how Identity works in detail

Who This Book Is For

Developers with advanced knowledge of ASP.NET Core who are introducing Identity into their projects. Prior experience and knowledge of C#, ASP.NET Core is required, along with a basic understanding of authentication and authorization concepts.

Inhaltsverzeichnis

Frontmatter

Using ASP.NET Core Identity

Frontmatter

Chapter 1. Getting Ready

Abstract

ASP.NET Core Identity is the user management system for ASP.NET Core applications. It provides an API for managing users and roles and for signing users into and out of applications. Users can sign in with simple passwords, use two-factor authentication, or sign in using third-party platforms provided by Google, Facebook, and Twitter.

Adam Freeman

Chapter 2. Your First Identity Application

Abstract

The best way to appreciate a software development framework is to jump right in and use it. In this chapter, I explain how to prepare for ASP.NET Core development and how to create and run an ASP.NET Core application that uses ASP.NET Core Identity.

Adam Freeman

Chapter 3. Creating the Example Project

Abstract

In the previous chapter, I created an ASP.NET Core application that used Identity in the simplest way possible, which is to include Identity when the project is created and accept the default configuration.

Adam Freeman

Chapter 4. Using the Identity UI Package

Abstract

Microsoft provides a build user interface for Identity, known as Identity UI, which makes it possible to get up and running quickly. In this chapter, I add Identity to the example project created in Chapter 3 and explain the features that the Identity UI package provides. In Chapter 6, I explain how to adapt those features to suit different project types.

Adam Freeman

Chapter 5. Configuring Identity

Abstract

In this chapter, I explain how to configure Identity, including how to support third-party services from Google, Facebook, and Twitter. Some of these configuration options are part of the ASP.NET Core platform, but since they are so closely related to ASP.NET Core Identity, I have included them anyway. Table 5-1 puts the configuration options in context.

Adam Freeman

Chapter 6. Adapting Identity UI

Abstract

The Identity UI package has been designed for self-service applications that support authenticators for two-factor authentication and external authentication with third-party services. There is some flexibility within that design so that individual features can be altered or disabled, and new features can be introduced. In this chapter, I explain the process for adapting the Identity UI package, showing the different ways it can be customized.

Adam Freeman

Chapter 7. Using the Identity API

Abstract

As I explained in Chapter 6, there are limits to the customizations that can be made to the Identity UI package. Minor changes can be achieved using scaffolding, but if your application doesn’t fit into the self-service model that Identity UI expects, then you won’t be able to adapt its features to suit your project.

Adam Freeman

Chapter 8. Signing In and Out and Managing Passwords

Abstract

In this chapter, I describe the Identity API features for signing in and out of applications. Identity supports different ways of signing in, and I start with passwords in this chapter, including creating the workflows for managing passwords. In later chapters, I describe the other ways in which users can authenticate themselves. Table 8-1 puts the features for signing in and out and managing passwords in context.

Adam Freeman

Chapter 9. Creating, Deleting, and Locking Accounts

Abstract

In this chapter, I create workflows for creating accounts, deleting accounts, and managing account lockouts. As part of the account creation process, I explain how confirmation tokens are used to create workflows that allow the user to confirm their account. Table 9-1 puts the features described in this chapter in context.

Adam Freeman

Chapter 10. Using Roles and Claims

Abstract

In this chapter, I describe the Identity API features that support roles and claims. Roles are commonly used to create fine-grained authorization policies that differentiate between different signed-in users. Claims are a general-purpose approach to describing any data that is known about a user and allow custom data to be added to the Identity user store. Table 10-1 puts these features in context.

Adam Freeman

Chapter 11. Two-Factor and External Authentication

Abstract

Identity supports two-factor authentication, where the user provides additional information alongside their password. In Chapter 17, I demonstrate how to create an SMS two-factor workflow, but for this chapter, I am going to focus on support for an authenticator, which is a more secure approach but requires users to have access to an app. I also create workflows for signing in with third-party services from Facebook, Google, and Twitter, using the same configuration settings created in Chapter 5. Table 11-1 puts the features described in this chapter in context.

Adam Freeman

Chapter 12. Authenticating API Clients

Abstract

In this chapter, I explain how ASP.NET Core Identity can be used to authenticate API clients using a simple JavaScript application. Some projects can rely on standard ASP.NET Core user authentication for their clients, and I demonstrate how this works. For other projects, I explain how to provide authentication using cookies and using bearer tokens, which are useful for clients that don’t support cookies. Table 12-1 puts API authentication in context.

Adam Freeman

Understanding ASP.NET Core Identity

Frontmatter

Chapter 13. Creating the Example Project

Abstract

In Part 1, I focused on explaining how to use Identity. In this part of the book, I explain how Identity works, revisiting the major features and describing what happens behind the scenes. I create custom user role stores, use custom user and role classes, and implement many of the interfaces that ASP.NET Core Identity uses.

Adam Freeman

Chapter 14. Working with ASP.NET Core

Abstract

The examples in this chapter show the same simple authentication and authorization policy implemented in different ways. This may seem repetitive, but I start with a completely custom solution and finish with one that is expressed in just a few code statements, with each iteration using less custom code and more of the built-in features that ASP.NET Core provides.

Adam Freeman

Chapter 15. Authorizing Requests

Abstract

In the previous chapter, I focused on the ASP.NET Core request pipeline and the middleware components that authenticate requests and authorize access to endpoints. In this chapter, I dig deeper into the authorization features, explaining the different ways that access can be restricted. These are, once again, features that are provided by ASP.NET Core, and I describe them without using ASP.NET Core Identity. Table 15-1 puts the ASP.NET Core authorization features in context.

Adam Freeman

Chapter 16. Creating a User Store

Abstract

In this chapter, I add Identity to the example project and create a custom user store. In Part 1, I used the default user store that Microsoft provides, which uses Entity Framework Core to store user data in a relational database, and this is the store you should use in real projects.

Adam Freeman

Chapter 17. Claims, Roles, and Confirmations

Abstract

In this chapter, I continue to add features to the store and build administration tools that use those features through the UserManager<T> class. I start by adding support for storing and managing claims and then use these features to add support for roles, which are given special status in ASP.NET Core and ASP.NET Core Identity because they are so widely used. I also show you how to generate and validate confirmation tokens, which are used to ensure that a user can access the email address or phone number they provide. Table 17-1 puts these features in context.

Adam Freeman

Chapter 18. Signing In with Identity

Abstract

In this chapter, I extend the user store to support passwords and create the services that support user sign-ins. I explain how passwords are stored, how they are validated, and how the entire process can be customized. Table 18-1 puts the features described in this chapter in context.

Adam Freeman

Chapter 19. Creating a Role Store

Abstract

In this chapter, I create and use a role store. As earlier chapters have shown, Identity doesn’t need a role store to use roles, and the use of a role store is entirely optional and the features that are provided are not needed in most projects. That said, a role store can be a useful way to ensure that roles are used consistently. Table 19-1 puts role stores in context.

Adam Freeman

Chapter 20. Lockouts and Two-Factor Sign-Ins

Abstract

In this chapter, I describe how account lockouts are supported and explain the mechanisms behind two-factor authentication. Table 20-1 puts these features into context.

Adam Freeman

Chapter 21. Authenticators and Recovery Codes

Abstract

In this chapter, I describe how ASP.NET Core Identity supports authenticators for two-factor authentication and how to provide users with recovery codes for emergency access when their second factor isn’t available. Table 21-1 puts these features in context.

Adam Freeman

Chapter 22. External Authentication, Part 1

Abstract

In this chapter, I explain how external authentication works. This is a complex process, even by the high standard set by other ASP.NET Core Identity features, and there is a lot of detail to take in. The examples in this chapter use a simulated third-party service, which allows me to explain the interactions in a controlled way. In Chapter 23, I add support for working with real services from Google and Facebook. Table 22-1 puts external authentication in context.

Adam Freeman

Chapter 23. External Authentication, Part 2

Abstract

In this chapter, I complete my description of the Identity features by showing you how to store authentication tokens received from external services and by adding support for authentication with the real services provided by Google and Facebook.

Adam Freeman

Backmatter

Titel: Pro ASP.NET Core Identity
verfasst von: Adam Freeman
Verlag: Apress
Electronic ISBN: 978-1-4842-6858-2
Print ISBN: 978-1-4842-6857-5
DOI: https://doi.org/10.1007/978-1-4842-6858-2