Create Identity In Simple Ways Using ASP.NET MVC 5

Introduction

This article explains about the basics of Identity, how to create identify, and uses of Identity, in a very simple way, using ASP.NET MVC5.

Definition

Identity is a secured way of authentication methods in web applications. It is used for identifying the authorized user.

Background

There are different ways of creating an Identity in applications, but this article explains how to create it using OWIN in ASP.NET MVC. OWIN is very helpful for creating the Identity for applications without writing a lot of code. Identity is used to find and allow the users to enter the application based on their authentication and authority. It does not allow anonymous users to enter the application.

Assembly

There are three important assemblies used for creating Identity. These assemblies help the programmer in developing the Identity without writing thousands of lines of code in ASP.NET MVC application. These important assemblies are:

  1. Microsoft.Asp.Net.Identiy.Core
  2. Microsoft.Asp.Net.Identiy.EntityFramework
  3. Microsoft.Asp.Net.Identiy.Owin

    Assembly

OWIN

ASP.NET MVC and ASP.NET Core supports the Open Web Interface for .NET (OWIN). OWIN is an interface between .NET web applications and web server. The main goal of the OWIN interface is to decouple the server and the applications. It acts as middleware.

ASP.NET MVC, ASP.NET applications using middleware can interoperate with OWIN-based applications, servers, and middleware. It helps develop different types of authentication methods.

OWIN

OWIN helps Facebook, Google, and Microsoft Accounts, and Twitter authentications. It acts as a middleware for those authentication programs. The following diagram shows the assembly for Facebook, Google, Microsoft Accounts, and Twitter.

assembly

Steps for creating Identity in ASP.NET MVC

The following steps explain how to create Identity in ASP.NET web applications.

Step 1

Open a new project in Visual Studio and select Visual C#. In Visual C#, select ASP.NET Web Application and give the project name. Click OK.


Visual C#

Step 2: Select MVC template from template type and click Change Authentication button.

MVC

Step 3

We can use different types of Authentication. Now, we are going to choose Individual User Accounts and click OK button.

For applications that store user profiles in SQL Server database, users can register or sign in using their existing accounts for Facebook, Twitter, Google, Microsoft, or another provider in Individual User Accounts.

Individual User Accounts

Step 4

After choosing the type of authentication, in your Controller, go back to the previous window and again click OK. It takes a few minutes to open the application. After that, click OK button.

application

Step 5

After opening the project, click “Startup.cs” in Solution Explore and we can see the starting page where OWIN assembly starts.

code

Right click on “ConfigureAuth(app)” and go to definition page where we can see an auto-generated code .

code

We can see different types of authentication in OWIN above the marked part of image. When using OWIN Identity, the code is generated automatically. The developer needs not write much code.

Step 6

Now, compile the application. If there are no errors, run the application. After running application, we can see “Register” and “Login” link on the top-right side in application.

Register
Click login link and give your credential. Now, you can enter the application.

Step 7

If you are a new user, click register link and register your username and password to enter the application.
Register

If you are an existing user, click Login. You can enter directly using your credential.

Login

After Logging in successfully, we can see our username on the top-right side of our application.

application

Step 8

We can use the Identity in any page in this application. We are going to enable Identity in one of the new pages in ASP.NET MVC applications.

Create a Controller in View page and enable Identity using attribute with the help of OWIN middleware.

After adding Controller, we will be adding the following code in “Test” Controller.

Code before enabling the Identity
  1. using System;  
  2. using System.Collections.Generic;  
  3. using System.Linq;  
  4. using System.Web;  
  5. using System.Web.Mvc;  
  6.   
  7. namespace NewIdentity.Controllers  
  8. {  
  9.     public class TestController : Controller  
  10.     {  
  11.         // GET: Test  
  12.         public ActionResult Identity()  
  13.         {  
  14.             return Content("We are using Identity");  
  15.         }  
  16.         public ActionResult NonIdentiy()  
  17.         {  
  18.             return Content("We are not using Identity");  
  19.         }  
  20.     }  
  21. }  
It will not ask for any credentials while running the application using the following URL
 
http://localhost:51868/Test/Identity
 
Because it does not use any attribute for enabling Identity, if you enable the Identity using attribute, each time it will ask for the credentials. URL might differ for you based on your project Controller, View and port number.

URL

Code after enabling the Identity
  1. using System;  
  2. using System.Collections.Generic;  
  3. using System.Linq;  
  4. using System.Web;  
  5. using System.Web.Mvc;  
  6.   
  7. namespace NewIdentity.Controllers  
  8. {  
  9.     public class TestController : Controller  
  10.     {  
  11.         // GET: Test  
  12.         /// <summary>  
  13.         /// Identity In Action Result Level  
  14.         /// </summary>  
  15.         /// <returns></returns>  
  16.         [Authorize]  
  17.         public ActionResult Identity()  
  18.         {  
  19.             return Content("We are using Identity");  
  20.         }  
  21.         public ActionResult NonIdentiy()  
  22.         {  
  23.             return Content("We are not using Identity");  
  24.         }  
  25.     }  
  26. }  
Using “Authorize” attribute, one can enable the Identity. The above code explains how to enable Identity that enables Controller level or Action method level.

Identity in Controller Level
  1. using System;  
  2. using System.Collections.Generic;  
  3. using System.Linq;  
  4. using System.Web;  
  5. using System.Web.Mvc;  
  6.   
  7. namespace NewIdentity.Controllers  
  8. {  
  9.     /// <summary>  
  10.     /// Identity in Contoller Level  
  11.     /// </summary>  
  12.     /// <returns></returns>  
  13.    [Authorize]  
  14.    public class TestController : Controller  
  15.     {  
  16.         // GET: Test  
  17.         public ActionResult Identity()  
  18.         {  
  19.             return Content("We are using Identity");  
  20.         }  
  21.         public ActionResult NonIdentiy()  
  22.         {  
  23.             return Content("We are not using Identity");  
  24.         }  
  25.     }  
  26. }  
If you run the application, it will directly redirect to login page because we have enabled the Identity. Now, run it using “http://localhost:51868/Test/Identity” URL. 

login

After entering your credentials, it will redirect to your corresponding View and you can see the final page.

page

If you do not need identity for a particular Action method, we can disable it using “AllowAnonymous” attribute. Now, run “http://localhost:51868/Test/NonIdentiy” URL does not redirect to login page. It directly runs the given URL because we use AllowAnonymous attribute.

Code For Anonymous
  1. namespace NewIdentity.Controllers  
  2. {  
  3.       
  4.     [Authorize]  
  5.     public class TestController : Controller  
  6.     {  
  7.         // GET: Test  
  8.         public ActionResult Identity()  
  9.         {  
  10.             return Content("We are using Identity");  
  11.         }  
  12.         /// <summary>  
  13.         /// Disable identity to particuler action result  
  14.         /// </summary>  
  15.         /// <returns></returns>  
  16.         [AllowAnonymous]  
  17.         public ActionResult NonIdentiy()  
  18.         {  
  19.             return Content("We are not using Identity");  
  20.         }  
  21.     }  
  22. }  
Database in Identity

When we create Identity in ASP.NET MVC, the database connection is created automatically and stores your credentials. We can see the database connection in “Web.config” at connectionString tag.

code

Our db created an “.mdf” file in App_Data folder. When we see App_Data folder, we see no file. Go to Solution Explorer on  the top of the right side, click all files icon. After clicking the all files icon, we can see “.mdf” file in App_Data.

See the screenshots below:

App_Data


App_Data

We can see all tables in database after expanding the database folder. Go to menu bar, select View, and click Server Explorer.

App_Data

In Server Explorer, under table folder we can see all tables as well as View, Store Procedures, and other needed folders. “AspNetUsers” table is a main table that stores our credentials.

Right click on AspNetUser table and click New Query, like the below screen.

Query

Now, write select query and run it in query window. Here, we can see all the credentials.

Query

Database Connection

View pages connected to the database using Entity framework. ”IdentityConfig.cs” is mainly for identity, it is located inside of “App_Start” in Solution Explorer. All database coding is placed in IdentityConfig.cs. It is auto-generated code. Inside of a marked line, the code is for connecting to the entity framework.

code

Right click on ApplicationUser class and go to definition. Now, we can see the Web.config connection string name placed inside ApplicationDbContext class. Here, we connect the database using Web.config connection string.

code

Conclusion

This article helps to learn the basics of Identity in ASP.NET MVC.. The next part of the article will explain the role of Identity with users. I hope this article helps many developers.

X

Build smarter apps with Machine Learning, Bots, Cognitive Services - Start free.

Start Learning Now