
AspnetCoreAuth_RolandGuijt


Chapter 2 Understanding Authentication and Authorization

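    The sequence of these middleware calls is important: authentication must run before authorization, because authorization evaluates the identity that authentication establishes.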
  • app.UseRouting();
  • app.UseAuthentication();
  • app.UseAuthorization();
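    Secure the password: the lookup below receives the plaintext password, so it should be verified against a salted hash and never stored or compared as plaintext.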
  • public User GetByUsernameAndPassword(string username, string password)

ClaimPrincipleIdentityClaim

Cookies

  • check user cookie for login

Or implement IClaimsTransformation: public class ClaimsTransformer : IClaimsTransformation
```
@* Shows a greeting with the user's name and a logout entry when the current user is
   authenticated, otherwise a login prompt.
   NOTE(review): the HTML tags of this snippet appear to have been lost in rendering.
   This branch only changes what the page displays; it does not protect any endpoint,
   which still needs an authorization check on the server. *@
@if (User.Identity.IsAuthenticated) {

Hi @User.Identity.Name!

Logout } else {

Login here:

Login
        }
```

OAuthOpenID

  • Manage the Google config by right-clicking the project -> Manage User Secrets UseSecretId

  • Multiple authentication

MultipleLogin

Chapter 3 Implementing authentication with ASP.NET Core Identity

  • Create project with Identity authentication
  • Login features LoginFeatures
    /// <summary>
    /// Application user entity: extends <c>IdentityUser</c> with two profile fields.
    /// </summary>
    public class ApplicationUser : IdentityUser
    {
        // Date the user's career started; GenerateClaimsAsync in this file copies it
        // into the "CareerStarted" claim.
        public DateTime CareerStartedDate { get; set; }
        // Display name; it has no initialiser, so it is null until something sets it.
        // NOTE(review): GenerateClaimsAsync in this file passes it to
        // new Claim("FullName", ...), and Claim rejects a null value; confirm it is
        // always populated (e.g. for accounts created through external login).
        public string FullName { get; set; }
    }

CustomizeIdentityPage2

  • Customized claims
    or public class ClaimsTransformer : IClaimsTransformation
        /// <summary>
        /// Hands the Identity managers and options straight to the base claims-principal
        /// factory; this type keeps no additional state of its own.
        /// </summary>
        /// <param name="userManager">User manager forwarded to the base factory.</param>
        /// <param name="roleManager">Role manager forwarded to the base factory.</param>
        /// <param name="options">Identity options forwarded to the base factory.</param>
        public ApplicationUserClaimsPrincipalFactory(UserManager<ApplicationUser> userManager,
                                                     RoleManager<IdentityRole> roleManager,
                                                     IOptions<IdentityOptions> options)
            : base(userManager, roleManager, options)
        {
        }

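        /// <summary>
        /// Builds the identity for <paramref name="user"/> from the base factory's claims
        /// and appends the application-specific "CareerStarted" and "FullName" claims.
        /// </summary>
        /// <param name="user">The user whose claims are being generated.</param>
        /// <returns>The base identity with the extra profile claims added.</returns>
        protected override async Task<ClaimsIdentity>
            GenerateClaimsAsync(ApplicationUser user)
        {
            var identity = await base.GenerateClaimsAsync(user);

            // NOTE(review): with cookie sign-in these claims are presumably carried in the
            // authentication ticket; keep only non-sensitive profile data here.

            // NOTE(review): ToShortDateString() formats with the current culture, so the
            // claim text can differ between hosts. Anything that parses this claim for an
            // authorization decision should not assume a fixed format.
            identity.AddClaim(new Claim("CareerStarted",
                user.CareerStartedDate.ToShortDateString()));

            // Claim's constructor throws ArgumentNullException for a null value, and
            // ApplicationUser.FullName has no initialiser, so without this guard the
            // method would throw for any account that has no name set.
            if (user.FullName != null)
            {
                identity.AddClaim(new Claim("FullName",
                    user.FullName));
            }

            return identity;
        }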

CustomizedClaims

  • Customize role or inherit RoleIdentity RoleIsClaims
public class IdentityHostingStartup : IHostingStartup

        /// <summary>
        /// Registers the EF Core context, ASP.NET Core Identity with its EF stores, default UI
        /// and token providers, the custom claims-principal factory, the e-mail sender and
        /// Google external login on the host's service collection.
        /// </summary>
        /// <param name="builder">The web host builder whose services are configured.</param>
        public void Configure(IWebHostBuilder builder)
        {
            builder.ConfigureServices((hostContext, serviceCollection) =>
            {
                // The connection string is looked up by name from configuration inside the
                // options callback, so no connection details appear in this file.
                serviceCollection.AddDbContext<ConfArchWebContext>(dbOptions =>
                {
                    dbOptions.UseSqlServer(
                        hostContext.Configuration
                            .GetConnectionString("ConfArchWebContextConnection"));
                });

                // Sign-in requires a confirmed account.
                var identityBuilder = serviceCollection.AddIdentity<ApplicationUser, IdentityRole>(identityOptions =>
                {
                    identityOptions.SignIn.RequireConfirmedAccount = true;
                });
                identityBuilder
                    .AddEntityFrameworkStores<ConfArchWebContext>()
                    .AddDefaultUI()
                    .AddDefaultTokenProviders();

                // Replace the default claims factory so the extra profile claims are issued.
                serviceCollection.AddScoped<IUserClaimsPrincipalFactory<ApplicationUser>,
                    ApplicationUserClaimsPrincipalFactory>();
                serviceCollection.AddTransient<IEmailSender, EmailSender>();

                var authenticationBuilder = serviceCollection.AddAuthentication();
                authenticationBuilder.AddGoogle(googleOptions =>
                {
                    // The client id is a public identifier and is hard-coded here.
                    googleOptions.ClientId = "686977813024-1pabqkfoar3btu6tsh7puhu3pogcivi0.apps.googleusercontent.com";
                    // The client secret is read from configuration so it never sits in source.
                    googleOptions.ClientSecret = hostContext.Configuration["Google:ClientSecret"];
                });
            });
        }
        
        /// <summary>
        /// Hands the Identity managers and options straight to the base claims-principal
        /// factory; this type keeps no additional state of its own.
        /// </summary>
        /// <param name="userManager">User manager forwarded to the base factory.</param>
        /// <param name="roleManager">Role manager forwarded to the base factory.</param>
        /// <param name="options">Identity options forwarded to the base factory.</param>
        public ApplicationUserClaimsPrincipalFactory(UserManager<ApplicationUser> userManager,
                                                     RoleManager<IdentityRole> roleManager,
                                                     IOptions<IdentityOptions> options)
            : base(userManager, roleManager, options)
        {
        }
        
  • Send email image

  • two factor authentication to use QR code scan image https://4sh.nl/qrcodejs image

  • Link google account to internal login
    image

  • Identity server image

  • Oauth2 and OpenIdConnect
    image