Getting Started With New Release: AspNet.Identity 2.0.0-beta 1

Introduction

 
There is a new preview version of ASP.NET Identity that was released yesterday. There are two main changes done in this release, support for the Two-Factor Authentication and bug fixes. The alpha1 version of ASP.NET Identity was released in December 2013 and I've already mentioned it in ASP.NET Identity Preview and you can also find various features that are released with that release.
 
In the same context, in this article, you'll learn the features in this new beta1 release of ASP.NET Identity and you'll see how to use it in your application using ASP.NET Identity Samples.
 
Getting Started
 
You can have the various new features related to ASP.NET Identity from the NuGet Package Gallery or the Package Manager Console. In the application you can update or install it with the following commands that are used in the Package Manager Console:
  • Install-Package Microsoft.AspNet.Identity.EntityFramework -Version 2.0.0-beta1 -Pre
  • Install-Package Microsoft.AspNet.Identity.Core -Version 2.0.0-beta1 -Pre
  • Install-Package Microsoft.AspNet.Identity.OWIN -Version 2.0.0-beta1 -Pre
  • Install-Package Microsoft.AspNet.Identity.Samples -Version 2.0.0-beta1 -Pre
Well, as I said earlier you can also have these features from the NuGet Package Gallery so that please make sure to select the "Include Prerelease" option when you search for these.What's in this release?As I mentioned above that there are two main changes done in this release, so I am explaining them in the following procedure.
 

Two-Factor Authentication

 
The two-factor authentication is now available in the ASP.NET Identity. This is used in the application to provide more security for the user account in the case where the password is compromised. There are many websites in which when a user creates an account with a username and the password and sometimes the user provides a weak password that can lead to user accounts being compromised.
 
So, focusing on security, it is mandatory to provide the second factor of authentication after entering the username and password by the user. The two-factor authentication allows you to authenticate the user with something only a user possesses such as a contact or an email id. It also involves sending the user a code to something that can also accessible by the user like a code sent as an SMS to the user's phone or an email to the user's id. When the user enters the code through the phone or email, it is confirmed that the user is authorized.
 
Now you can send the code in the phone or email that are the tw0-factor providers by the use of ASP.NET Identity and we can easily configure it to send a text message or email. You can extend and write your own providers such as QR code generators and use the Authenticator apps on phones to validate them.
 
The user can also manage the two-factor authentication options by enabling or disabling the two-factor authentication in the user account. We can see it in the sample ASP.NET Identity. The user can also have the benefit of choosing the remember option of the two-factor authentication if the device they are accessing the website is a personal device and while logged into the device, they are not asked after verifying the authentication each time. We can also see this in most of the websites in the current scenario.
 
Indexing on Username
 
In the ASP.NET Identity Entity Framework implementation, there is now unique index support added to the Username using the new IndexAttribute in the Entity Framework 6.1.0- Beta 1. With the use of this, the username is always unique and the user cannot insert the duplicate values for the username.
 
Enhanced Password Validator
 
We have already seen in the ASP.NET Identity 1.0 that the password validator only validates the minimum length that is a fairly basic validation. Now the password validating is more enhanced with this release with which you have more control over the complexity of the password, as you can see in the following code (Identity Sample Application):
  1. // Configure validation logic for passwords   
  2. manager.PasswordValidator = new PasswordValidator {  
  3.    RequiredLength = 6,   
  4.    RequireNonLetterOrDigit = false,   
  5.    RequireDigit = false,   
  6.    RequireLowercase = false,   
  7.    RequireUppercase = false,  
  8. }; 
The code defined above is very straight forward. You can find it in the IdentityConfig.cs of the Identity Sample Application that is explained in the following procedure.
 
Sample of ASP.NET Identity
 
In this section, we'll define and create the sample application of ASP.NET Identity using the following procedure.
 
Step 1: Open Visual Studio 2013 and click on "New Project".Step 2: Select the ASP.NET Web Application and enter the name as shown below:
 
Creating ASP.NET Web Application
 
Step 3: Select the Empty Project Template to develop the application as in the following:
 
Empty Project Template in VS 2013
 
Step 4: Open the Package Manager Console and enter the commands defined at the top in here one by one.
 
Identity Sample in Package Manager Console
 
After installing the packages, there are many new files and folders added to the project. Have a look:
 
Solution Explorer in Identity Sample
 
Step 5: Run the application and you can see the Home Page of the application as in the following:
 
Identity Sample Home Page
 
Step 6: Click on the "Register" link to create an account.
 
Registering User in Identity Sample
 
As you can in the preceding screenshot, the Email is required for creating an account so that the user can confirm it through the email provided. When you click on Register a demo confirmation page will open as in the following:
 
Emial Link Confirmation in Identity Sample
 
Step 7: Click on login to login into the application.
 
LogiIn in Identiy Sample App
 
 
Step 8: Log off from the application.Issues Fixed in 2.0.0-Alpha1There are some of the features listed below that are fixed in the alpha1 release:
  • Account Confirmation
  • Password Reset
  • Security Token Provider
  • Support IQueryable on Users and Roles
  • Delete operation from UserManager
Entity Framework 6.1.0-Beta1
 
The ASP.NET Identity new version 2.0.0-beta1 depends upon the Entity Framework 6.1.0-Beta1 that was also released with this release. I'll define it in my further article.
 

Summary

 
This article described the new ASP.NET Identity 2.0.0-Beta1 and Entity Framework 6.1.0-Beta1 released by Microsoft. So just try it and enjoy it. Thanks for reading and Stay Updated.