Monday, 26 May 2014

A look at asp.net Identity

Introduction

So many good things are being trumpeted about asp.net identity by the big boys in the community. Things like how cool the asp.net identity is, how great the OWIN context is and how its the in-thing now, how two factor security guarantees absolute security for your app users among others . Though most some of these hypes are probably true, the questions that comes to mind is

  1. How is it better than what we already have?
  2. Why should one drop the good old membership system, its offspring the simple membership and start afresh to learn a completely new security system?
  3. What does it have to offer? among others.

I am not claiming that I have all the answers to these questions and many others that comes to mind but we will go through the whole process and see for ourselves what it is really and how we can benefit from the this new thing.

The asp.net Identity is instituted on three major .dll libraries, these are


  1. Microsoft.Aspnet.Identity.EntityFramework
  2. Microsoft.Aspnet.Identity.Core
  3. Microsoft.Aspnet.Identity.Owin

Microsoft.Aspnet.Identity.EntityFramework

This class library contains the data persistent part of asp.net identity that works with Entityframework. It is used for persisting the user details to the database. It contains the IdentityDbContext, IdentityUser, IdentityRole, IdentityUserLogin and IdentityUserClaim with their generic types. This can be installed using nuget console manager in visual studio  by running.

PM> Install-Package Microsoft.AspNet.Identity.EntityFramework

Which installs the EntityFramework and the Microsoft.Aspnet.Identity.Core by default as dependencies.

Microsoft.Aspnet.Identity.Core

This contains the core implementation of the asp.net identity design which is based on a set of interfaces like IUser, IUserClaimStore, IUserLoginStore, IUserPasswordStore among others. It also houses the default implementation of the these interfaces such as RoleManager, UserManager, UserLoginInfo typically used for managing roles, account and logins. This can be installed alone (as it has no dependencies) by running the following via nuget console manager in visual studio.

PM> Install-Package Microsoft.AspNet.Identity.Core

Microsoft.Aspnet.Identity.Owin 

This houses the Owin middleware used for the authentication of accounts both through third party system, local accounts systems and generation of cookies and user tokens which stores the authentication related information. When installed via visual studio nuget package manager, it also installs the above listed packages with a few others like Microsoft.Owin.Security, Microsoft.Owin.Security.Cookies, Microsoft.Owin.Security.Oauth as dependencies. 

PM> Install-Package Microsoft.AspNet.Identity.Owin

This is also the most recommended approach to install asp.net identity as it short circuits all the former installations and installs other packages needed by Asp.net Identity.

Conclusion

In this post we looked at some of the class libraries that houses the new authentication system introduced by microsoft along with visual studio 2013. In the next post we will look at why MS introduced a new authentication system and some of the core interfaces. Happy coding....

No comments:

Post a Comment