ASP.NET MVC id with existing custom table

I am creating a new web application that needs to authenticate users against an existing user table from another web application. User registration, forgotten password, etc. are handled in this application. All I need in my new application is a login.

I was wondering if it is possible to overwrite some Identity class to point to this table for user authentication so that I can use existing Identity features like the [Authorize] attribute on controllers and redirect back to the login page etc.

+3




2 answers


I had the same situation as you when trying to upgrade my legacy system to OWIN authentication. I also had my own user table and authentication workflow, which are completely different from what ASP.NET Identity offers.

First, I tried to set up ASP.NET Identity, but things did not get sorted out that way. In my view, Identity is painful and much more difficult to customize for a legacy application, as it has many abstraction layers.



I eventually came up with a solution: strip out ASP.NET Identity and manage the claims identity myself. It's incredibly simple. Below is some simple demo code showing how to log in with OWIN without ASP.NET Identity; hope it helps:

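// Namespaces used by the controller methods below
using System.Linq;
using System.Security.Claims;
using System.Web;
using System.Web.Mvc;
using Microsoft.Owin.Security;

// Builds a ClaimsIdentity from the legacy user record and issues the OWIN auth cookie.
private void OwinSignIn(User user, bool isPersistence = false)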
{
    var claims = new[] {
                new Claim(ClaimTypes.Name, user.Name),
                new Claim(ClaimTypes.Email, user.Email)
            };

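    // The authentication type passed here must match the AuthenticationType of the
    // cookie middleware registered at startup, otherwise no cookie is issued.
    var identity = new ClaimsIdentity(claims, DefaultApplicationTypes.ApplicationCookie);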

    var roles = _roleService.GetByUserId(user.Id).ToList();
    if (roles.Any())
    {
        var roleClaims = roles.Select(r => new Claim(ClaimTypes.Role, r.Name));
        identity.AddClaims(roleClaims);
    }

    var context = Request.GetOwinContext();
    var authManager = context.Authentication;

    authManager.SignIn(new AuthenticationProperties { IsPersistent = isPersistence }, identity);
}

[HttpPost]
public ActionResult Login(LoginViewModel model, string returnUrl)
{
    if (!ModelState.IsValid)
        return View();

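    var user = _userService.GetByEmail(model.Email);
    // Demo only: this compares the submitted password with the stored value directly.
    // If the legacy table stores password hashes, verify model.Password against the
    // stored hash here instead.
    if (user != null && (user.Password == model.Password))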
    {
        OwinSignIn(user, model.RememberMe);
        return RedirectToLocal(returnUrl);
    }

    ModelState.AddModelError("", "Invalid email or password");
    return View();
}

      

+2
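
The answer's code depends on pieces it does not show: the cookie middleware registration that makes [Authorize] redirect to the login page, the RedirectToLocal helper, and sign-out. The following is an added example, not part of the answer; the namespace, controller name, routes, timeout and the "ApplicationCookie" string (assumed to be the value behind the answer's DefaultApplicationTypes.ApplicationCookie) are assumptions.

```csharp
using System;
using System.Web;
using System.Web.Mvc;
using Microsoft.Owin;
using Microsoft.Owin.Security.Cookies;
using Owin;

[assembly: OwinStartup(typeof(LegacyLogin.Startup))]

namespace LegacyLogin // assumed namespace
{
    public class Startup
    {
        // Assumed value; it must equal the type given to ClaimsIdentity in OwinSignIn.
        public const string AuthType = "ApplicationCookie";

        public void Configuration(IAppBuilder app)
        {
            app.UseCookieAuthentication(new CookieAuthenticationOptions
            {
                AuthenticationType = AuthType,
                // [Authorize] yields a 401; the middleware turns it into a redirect here.
                LoginPath = new PathString("/Account/Login"), // assumed route
                CookieHttpOnly = true,                    // not readable from script
                CookieSecure = CookieSecureOption.Always, // sent over HTTPS only
                ExpireTimeSpan = TimeSpan.FromMinutes(30), // assumed session lifetime
                SlidingExpiration = true
            });
        }
    }

    public class AccountController : Controller // assumed controller name
    {
        // Follow returnUrl only when it points back into this site (no open redirect).
        private ActionResult RedirectToLocal(string returnUrl)
        {
            if (Url.IsLocalUrl(returnUrl))
                return Redirect(returnUrl);
            return RedirectToAction("Index", "Home"); // assumed landing page
        }

        [HttpPost]
        [ValidateAntiForgeryToken]
        public ActionResult Logout()
        {
            // Removes the auth cookie issued by authManager.SignIn in OwinSignIn.
            Request.GetOwinContext().Authentication.SignOut(Startup.AuthType);
            return RedirectToAction("Login");
        }
    }
}
```

Hosting on IIS also requires the Microsoft.Owin.Host.SystemWeb package so that the Startup class is discovered and Request.GetOwinContext() is available.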




You can have Identity in a separate database without issue if it is in the Identity format. Point the UserManager / RoleManager to the other database using a connection string.

If the existing authentication is not an Identity setup, you will not be able to use the authentication system to connect to another database out of the box. The Identity framework assumes a specific format. You can rewrite the managers to understand your user format in the database if you meet the minimum requirements as stated in the comments below.



You can always write your own OWIN behavior. See @Cuong Le's example.

0

