I am an Asp.net developer but very much new to the Asp.net Identity framework. I have been studying the sample application and followed some tutorials too on Identity but still I am not able to grasp the concept completely. I have very firm grip over Asp.net membership but Identity seems nothing like membership. I will explain what I have done so far.
I am creating a simple application in which I am following code first approach. I have created entity model for User which inherits from IdentityUser and has some extra fields. Below is entity model for User.
public class User : IdentityUser
{
public int? CompanyID { get; set; }
public bool? CanWork { get; set; }
public bool? CanSearch { get; set; }
public Company Company { get; set; }
}
Now in the examples people use the name ApplicationUser but for my own purpose I have used name User. Also there is a method in User or ApplicationUser model which is,
public async Task<ClaimsIdentity> GenerateUserIdentityAsync(UserManager<User> manager)
{
CookieAuthenticationOptions.AuthenticationType
var userIdentity = await manager.CreateIdentityAsync(this, DefaultAuthenticationTypes.ApplicationCookie);
// Add custom user claims here
return userIdentity;
}
I am unable to understand the purpose of this method. Also from an example I have used the following model for Role,
public class Role : IdentityRole
{
public Role()
{
}
public Role(string roleName, string description)
: base(roleName)
{
this.Description = description;
}
public string Description { get; set; }
}
I understand that an extra field is added but I am unable to understand the purpose of overloaded constructor.
The above mentioned confusions are secondary. My primary confusion is that I am familiar that when I create entity models I use DbSet and DbContext and when I call any entity framework method to access the database, the database is created/drop created whichever scheme I am following.
In Identity which method is responsible for creating the Identity tables in the database? I have a IdentityConfig file in which I declare ApplicationUserManager and ApplicationSignInManager. I have also a Startup file. Previously I had only one Startup file in the App_Start folder and when I run the application and tried to accessed any Identity methods it gave me error and was not creating database. I then made the class as partial and created another partial class with same name at the root and then the exception was gone and tables were created. So Startup class is responsible for creating Identity tables? There are extra columns created automatically in the AspNetUsers like PhoneNumber, PhoneNumberConfirmed, TwoFactorEnabled. I don't need these extra columns. Can I remove these? Can I change the names of the Identity tables that are created?
I know these are very basic questions and not one question at all but if I was unable to find some basic tutorial or example for beginners then it would be very beneficial. What I have found are describing those things which I don't need or making me confuse. I want to understand and have control how Identity should work in my application but till now it seems to me that neither I am grasping it completely and nor being able to make is adjustable to my needs. Its like tutorials and example are teaching me how to make sentences but I am unable to understand the alphabets. :(
First of all you have to define the model - as you're doing - implementing the right interfaces.
Let's say you want to create a user for your application:
public class MyUser : IdentityUser<string, MyUserLogin, MyUserRole, MyUserClaim>
{
public string CompanyName { get; set; }
}
As you can see I've implemented the IdentityUser interface (namespace Microsoft.AspNet.Identity.EntityFramework).
I've specified what type of identifier I want to use for my primary key (string) and included my custom objects to manges login, roles and claims.
Now we can defined the role object:
public class MyRole : IdentityRole<string, MyUserRole>
{
}
Again there's a type and the class I've defined for the management of users belonging to to a role.
public class MyUserRole : IdentityUserRole<string>
{
}
MyUserLogin is going to implement IdentityUserLogin<string>.
MyUserClaim is going to implement IdentityUserClaim<string>.
As you can see each interface need a type for the primary key.
The second step is to create the user store:
public class MyUserStore: UserStore<MyUser, MyRole, string, MyUserLogin, MyUserRole, MyUserClaim>
{
public MyUserStore(MyContext context)
: base(context)
{
}
}
Again we have defined what user, role, login etc etc we want to use.
We need UserStore cause our UserManager is going to need one.
If you're planning to manage roles and associate roles with each user you have to create your RoleStore definition.
public class MyRoleStore : RoleStore<MyRole, string, MyUserRole>
{
public DaufRoleStore(ApplicationDatabaseContext context) : base(context)
{
}
}
Now you can create your UserManager. The UserManager is the real responsible of saving changes to the UserStore.
public class ApplicationUserManager : UserManager<MyUser, string>
{
public ApplicationUserManager(IUserStore<MyUser, string> store)
: base(store)
{
}
public static ApplicationUserManager Create(IdentityFactoryOptions<ApplicationUserManager> options, IOwinContext context)
{
var manager = new ApplicationUserManager(new MyUserStore(context.Get<MyContext>()));
manager.UserValidator = new UserValidator<MyUser, string>(manager)
{
AllowOnlyAlphanumericUserNames = false,
RequireUniqueEmail = true
};
manager.PasswordValidator = new PasswordValidator()
{
RequiredLength = 5,
RequireNonLetterOrDigit = false, // true
// RequireDigit = true,
RequireLowercase = false,
RequireUppercase = false,
};
return (manager);
}
}
This class has a static method which will create a new UserManager for you.
Interesting to note that you can include some validation rules you might need to validate password etc etc.
Last thing is to create or database context.
public class MyContext : IdentityDbContext<MyUser, MyRole, string, MyUserLogin, MyUserRole, MyUserClaim>
{
public MyContext(): base("<your connection string here>")
{
}
public static MyContext Create()
{
return new MyContext();
}
protected override void OnModelCreating(DbModelBuilder modelBuilder)
{
base.OnModelCreating(modelBuilder);
modelBuilder.Entity<MyUser>()
.ToTable("Users");
modelBuilder.Entity<MyRole>()
.ToTable("Roles");
modelBuilder.Entity<MyUserRole>()
.ToTable("UserRoles");
modelBuilder.Entity<MyUserClaim>()
.ToTable("UserClaims");
modelBuilder.Entity<MyUserLogin>()
.ToTable("UserLogins");
}
}
As you can see I've used the model builder to change the names all the tables.
You can define keys or fields type or tables relations here.
This is the place where you're going to attach your custom classes you want to manage in your context:
public DbSet<MyCustomer> Customers{ get; set; }
Again MyContext has a Create method which returns a new context:
public static MyContext Create()
{
return new MyContext();
}
Now you should have a startup class where you're going to bootstrap your stuff:
[assembly: OwinStartup(typeof(ASPNETIdentity2.Startup))]
namespace ASPNETIdentity2
{
public class Startup
{
public void Configuration(IAppBuilder app)
{
app.CreatePerOwinContext(MyContext.Create);
app.CreatePerOwinContext<ApplicationUserManager>(ApplicationUserManager.Create);
}
}
}
Here you're going to create your database context and your user manager you can use in your application.
Notice the first line:
[assembly: OwinStartup(typeof(ASPNETIdentity2.Startup))]
This is needed cause you're telling your environment that is the startup class which needs to be called at ... startup.
Now in your controllers you can simply refer to your UserManager doing something like this:
HttpContext.GetOwinContext().GetUserManager<ApplicationUserManager>();
How can you create your tables?
In Visual Studio go to TOOLS -> NuGet Packager Manager -> Package Manager Console.
In the window there's a combobox "Default Project". Choose your ASP.NET MVC project.
Run this command:
Enable-Migrations
It will create a file Configuration.cs in a new folder called Migrations.
If you want to create your database you need to open that file and change the AutomaticMigrationsEnabled to true:
public Configuration()
{
AutomaticMigrationsEnabled = true;
}
Again, from Package Manager Console, you can run:
Update-Database
and all your tables will appear in your database. Don't forget your connection string.
You can download this github project to see how everything works.
You can check these two answers with some other info.
The first of the two has got some links to a blog where you can learn all these things.
NOTE:
You have to do all this if you want to customized every single bit of your environment.
Related
What is the best practice for placing business logic in message based design?
Im using servicestack for building my api.
The wiki shows the example of placing the RequiredRole Attribute on the message instead of the service handling it.
In a sense this [RequiredRole]/[Authenticate] is business logic/security attached to the message.
Concrete example
Say for example i would add DeleteAddress message:
public class DeleteAddress : IReturn<bool>
{
public int AddressId { get; set; }
}
But for this to be properly secure i want to check either Admin Role, permission to ManageAllAddresses or that the AddressId is linked to this user (maybe in session, maybe through a db call).
How would i best go about this?
Proposition
Is the following code the good practice and if so how would i implement it?
[RequiredRole("Admin")]
[RequiredPermission("ManageAllAddresses ")]
[RequiredAddressLinkedToAccount]
public class DeleteAddress : IReturn<bool>
{
public int AddressId { get; set; }
}
ServiceStack's recommendation is to keep your ServiceModel free of dependencies so we'd recommend to annotate your Service implementation classes instead which you can annotate either on the Service class to apply to all Operations or on the individual methods to apply just to that operation, e.g:
[RequiredRole("Admin")]
public class AddressServices : Service
{
[RequiredPermission("ManageAllAddresses ")]
[RequiredAddressLinkedToAccount]
public object Any(DeleteAddress request)
{
}
}
Please note ServiceStack requires your Services to return reference types, which is typically a Response DTO but can also be a string, e.g:
public class DeleteAddress : IReturn<string>
{
public int AddressId { get; set; }
}
To finish of this question. I could make a request filter and add it on the service.
Either inherit from AuthenticateAttribute or Directly from RequestFilterAttribute.
public class RequiredAddressLinkedToAccount : AuthenticateAttribute
{
public RequiredRoleAttribute(ApplyTo applyTo)
{
this.ApplyTo = applyTo;
this.Priority = (int)RequestFilterPriority.RequiredRole;
}
public override void Execute(IRequest req, IResponse res, object requestDto)
{
var dto = requestDto as ILinkedToAccount;
var session = req.GetSession();
if(dto.AccountId == session.Id)
return; //we dont want anything to be blocked if the account Id is there.
//Implement like RequireRoleAttribute
if (DoHtmlRedirectIfConfigured(req, res))
return;
res.StatusCode = (int)HttpStatusCode.Forbidden;
res.StatusDescription = "Address does not belong to you";
res.EndRequest();
}
}
I am currently working on a DDD-based application using Unity IOC container and need a way to pass my custom Principal object to the repository and service layers that would allow for unit testing. How should this be done? My current thoughts are to create a property on the service and repository classes of type IPrincipal. Then use Unity on Application_Start to set and pass in the Principal.
For one, am I on the right track in my thinking?
Two, if not at application_start, which seems like that is not the right place since I need a person to login first before the injections occur, where should this occur?
Three, for Unity, what should the container.RegisterType look like for getting the Principal from Thread.CurrentPrincipal or HttpContext.Current.User?
You can have a PrincipalDto class that will contain the relevant IPrincipal properties you need to use in your Service layer and map the values from the IPrincipal to the PrincipalDto. This way you do not need to include the reference assembly of IPrincipal to the other layers.
Below is an example that uses auto mapping.
public class PrincipalDto
{
public UserId { get; set; }
public Username { get; set; }
public RoleId { get; set; }
}
public class SomeService
{
public void SomeServiceMethod(PrincipalDto principal)
{
// do work here
}
}
public class SomeConsumer()
{
public void SomeConsumerMethod()
{
// where User is the IPrincipal object instance
var principal = Mapper.Map<PrincipalDto>(User);
var service = new Service();
service.SomeServiceMethod(principal);
}
}
I'm using the default template for ASP.NET MVC 5 with EF 6. It generates the Identity model as
public class ApplicationUser : IdentityUser
{
public async Task<ClaimsIdentity> GenerateUserIdentityAsync(UserManager<ApplicationUser> manager)
{
// Note the authenticationType must match the one defined in CookieAuthenticationOptions.AuthenticationType
var userIdentity = await manager.CreateIdentityAsync(this, DefaultAuthenticationTypes.ApplicationCookie);
// Add custom user claims here
return userIdentity;
}
}
public class ApplicationDbContext : IdentityDbContext<ApplicationUser>
{
public ApplicationDbContext()
: base("DefaultConnection", throwIfV1Schema: false)
{
}
public static ApplicationDbContext Create()
{
return new ApplicationDbContext();
}
}
I would like to be able to manage and edit the list of users, so I scaffolded the identity model and it added the following line in the ApplicationDbContext class.
public System.Data.Entity.DbSet<QProj.Models.ApplicationUser> ApplicationUsers { get; set; }
I know this is wrong, but I'm not sure how to resolve this.
Here are my steps if you want to manage AspNetUsers table that was generated for you when you enable migrations with all the default settings in place.
First create your controller using MVC 5 Controller with views, using
EFL
Add your controller with the following settings. Use async controller actions should not be selected/checked here since Users DbSet doesn't support async unless we will be using UserManager. That would be a different topic.
Go to the generated controller and rename all instance of ApplicationUsers to Users
Lastly you can now safely delete ApplicationUsers on IdentityModel (on my case, it was line 37)
We need to remove the line 37 as I shown on the last picture since it will fail to build when you run enable-migrations. Since IdentityDbContext<T> itself already contains Users property. So no need to add additional DbSet under ApplicationDbContext class or any class that you declare for that matter. This property by the way was automatically added when you Scaffold ApplicationUser.
These are steps made me successfully scaffolding ApplicationUser:
Refactor ApplicationUser name to something else, like MyAppUser,
Add Controller with EntityFramework, using model MyappUser, this will successfully scaffolding MyAppUser,
The Scaffolding will create property DbSet<MyAppUser> MyAppUsers for ApplicationDbContext, delete it
In newly created controller, change all occurence of db.MyAppUsersto db.Users
Then you're good to go, hope this helps
What I am after is having a partial view that hosts a dropdown list of all available languages in the system. This partial view will be used in many edit templates and will be loaded from a separate controller.
Following the articles and information on the net I have the following implementation:
ViewModel
public class LanguagesViewModel
{
public int SelectedID { get; set; }
public virtual SelectList Languages { get; set; }
public LanguagesViewModel(int selectedID, IEnumerable<Language> languages)
{
SelectedID = selectedID;
Languages = new SelectList(languages, "LanguageId", "Name");
}
}
In the Shared folder I have a file: _LanguageDropDownList.cshtml with
#model XNETProductQuote.Web.Models.LanguagesViewModel
#Html.DropDownListFor(model => model.SelectedID, Model.Languages)
I have a LanguageController that has the following implementation
public ActionResult GetAllLanguages()
{
var languages = service.GetAll();
return PartialView("_LanguageDropDownList", new LanguagesViewModel(1, languages));
}
So the above is meant to load the drop down list in that partial view so I can use it in other templates.
From a template that is loaded from a different controller (ApplicationSetting) I call the partial view using:
#Html.Action("GetAllLanguages", "LanguageController")
This doesn't work. It throws an exception:
The controller for path '/ApplicationSetting/Edit/1' was not found or does not implement IController.
What is the correct implementation for such scenario?
Thanks
In Asp.Net MVC when we make a new controller then 'Controller' postfix is automatically attached to the Controller Name for ex:- in your case if you give 'Language' name to the controller then controller's complete name will be like 'LanguageController',so where ever you want to give controller name you have to use only 'Language' not 'LanguageController' and one of the overloads of #Html.Action() is ControllerName which is only 'Language' and not 'LanguageController' ,So in your problem just change #Html.Action("GetAllLanguages", "LanguageController") with #Html.Action("GetAllLanguages", "Language") and your problem will be solved.
I'm attempting to use the SimpleRepository to perform a fetch based on a non-ID property. Here's the Customer class I'm using:
[Serializable]
public class Customer : IEntity<Guid>
{
public Guid ProviderUserKey { get; set; }
public Guid ID
{
get; set;
}
}
I'm using SimpleRepository with migrations turned on. The code that throws the "Lambda Parameter not in scope" is below:
public class CustomerRepository :
ICustomerRepository
{
private readonly IRepository _impl;
public CustomerRepository(string connectionStringName)
{
_impl = new SimpleRepository(connectionStringName,
SimpleRepositoryOptions.RunMigrations);
}
public Customer GetCustomer(string userName)
{
var user = Membership.GetUser(userName);
// Code to guard against a missing user would go here
// This line throws the exception
var customer = _impl.Single<Customer>(c => c.ProviderUserKey.Equals(user.ProviderUserKey));
// Code to create a new customer based on the
// ASP.NET Membership user would go here
return customer;
}
}
I'm not sure at what point in the LINQ expression compilation this throws, but I am running this example on an empty database. The schema generations gets far enough to create the table structure, but can't evaluate the expression.
Does anyone know what I might be doing wrong?
Thanks!
I've had reports of this - can you add this (and your code) as an issue please?