ASP.NET Identity


ASP.NET Identity is the membership system for ASP.NET apps

 

 

Initialize ASP.NET Identity

 

ASP.NET Identity when the application starts. Since ASP.NET Identity is Entity Framework based sample, create DatabaseInitializer which is configured to get called each time the app starts. 

 

  •          When should the Initializer run and when should the database be created
  •          Create Admin user
  •          Create Admin role
  •          Add Admin user to Admin role

 

Validation

 

When create a User using a username or password, the Identity system performs validation on the username and password, and the passwords are hashed before they are stored in the database. Customize the validation by changing some of the properties of the validators such as Turn alphanumeric on/off, set minimum password length or write own custom validators and register them.

 

Social Logins

 

You can the support so that users can login using their Facebook, Google, Twitter, Microsoft Account and more.

 

Basic User Management

 

Create, Update, List and Delete Users. Assign a Role to a User. 

 

Basic Role Management

 

Create, Update, List and Delete Roles.  

Account Confirmation

 

When user register a new account, it will be sent an email confirmation. 

 

Two-Factor Authentication

 

This sample shows how you can use Two-Factor authentication. This sample has a SMS and email service registered where you can send SMS or email for sending the security code. 

Account Lockout

 

Provide a way to Lockout out the user if the user enters their password or two-factor codes incorrectly. The number of invalid attempts and the timespan for the users are locked out can be configured.

 

Security Token provider

 

Support a way to regenerate the Security Token for the user in cases when the User changes there password or any other security related information such as removing an associated login(such as Facebook, Google, Microsoft Account etc). This is needed to ensure that any tokens generated with the old password are invalidated. In the sample project, if you change the users password then a new token is generated for the user and any previous tokens are invalidated. This feature provides an extra layer of security to your application since when you change your password, you will be logged out from everywhere (all other browsers) where you have logged into this application.

 

  •          The provider is registered when you add CookieAuthentication in StartupAuth to your application.

 

Password Reset

 

Allows the user to reset their passwords if they have forgotten their password. In this sample users need to confirm their email before they can reset their passwords.

 

Custom Storage providers

 

ASP.NET Identity to write own custom storage provider for storing the ASP.NET Identity system and user data in a persistance system of your choice such as MondoDb, RavenDb, Azure Table Storage etc. 

 

Last edited Oct 4, 2014 at 6:01 PM by bth_vijay, version 2