ASP.NET身份-自定义身份验证的步骤

Question

Envrionment: Visual Studio 2013, ASP.NET MVC 5

On the new MVC5-based project I will be working on, I need to use a custom database that stores usernames, passwords, and roles in its own way. I am searching the Internet to look for an example for custom authentication. Looks like the old-style "membership provider" classes have been replaced by the new "Identity" mechanism.

However, finding a good step-by-step example has proven to be futile. There are a few links (published this year) that talk about implementing custom IPrincipal and DbContext classes. Some other links talk about implementing IUserLoginStore and IUserPasswordStore . A few others hinted on implementing IUser , IUserStore interfaces.

Maybe the last option is what is needed. Can someone please guide me with the steps or point me to any link that has a simple example? Something like:

1. Implement MyUser based on IUser
2. Implement MyUserStore based on IUserStore
3. Modify web.config to use MyUserStore
4. Remove DefaultConnection from web.config as it is not required

Regards.

Answer 1

First, stop. Stop thinking about "custom authentication". You don't need custom authentication, you just need custom storage of authentication data.

ASP.NET Identity has abstracted out the storage mechanism of authentication from the process of authentication. There are several interfaces that follow the pattern IxxxStore.. Such as IUserStore, IRoleStore, etc...

You can find more information about this here, along with custom implementations for various databases which you can probably convert to your own needs.

http://odetocode.com/blogs/scott/archive/2014/01/20/implementing-asp-net-identity.aspx

As an example, here is a RavenDB implementation that uses all the various interfaces in a single class.

https://github.com/tugberkugurlu/AspNet.Identity.RavenDB/blob/master/src/AspNet.Identity.RavenDB/Stores/RavenUserStore.cs

However, all this assumes you really truly a need to store data totally differently. If you just need to store the data in different columns, then it may simply be as easy as overriding OnModelCreating in your IdentityContext and changing the names of the columns in use.

Answer 2

ad.1.

public class ApplicationUser :IUser
    {
        public string Id
        {
            get; 
            set;
        }

        public string UserName
        {
            get;
            set;
        }
    }

ad.2.

 public class MyStore : IUserStore<ApplicationUser>, IUserPasswordStore<ApplicationUser>, IUserSecurityStampStore<ApplicationUser>, IUserEmailStore<ApplicationUser>
    {
... //implement all interfaces here 
}

ad. 3. Now you can create your applicationUserManagerService (you will need IdentityMessageService, and IDataProtectionProvider):

 var applicationUserManagerService = new ApplicationUserManagerService(new MyStore(), emailService, dataProtectionProvider);

Try to use IoC and register your IUserStore (I did it this way - link below):

unityContainer.RegisterType<IUserStore<ApplicationUser>, MyStore>();

check also my answer here (i'm using int as UserId there): AspIdentiy ApplicationUserManager is Static, how to extend so it participates in my IoC framework?