User management role in asp.net

Question

I am trying to use Asp.net built in user role management but not able to make it work. I have been trying different approaches. The one I am trying to do is that run a Test controller and initialize some users and assign them a user role.

string newRoleName = RoleName.Trim();

 if (!Roles.RoleExists(newRoleName)) // here I get timeout error
    // Create the role
    Roles.CreateRole(newRoleName);

The other approach I am trying is this,

       var roleManager = new RoleManager<IdentityRole>(new RoleStore<IdentityRole>()); // here I get this error

      // The context cannot be used while the model is being created. This exception may be thrown if the context is used inside the OnModelCreating method or if the same context instance is accessed by multiple threads concurrently. Note that instance members of DbContext and related classes are not guaranteed to be thread safe.

        var appUser = new ApplicationUser
        {
            UserName = model.Email,
            Email = model.Email
        };

        IdentityResult identityUserResult = UserManager.Create(appUser, model.Password);

        roleManager.Create(new IdentityRole("Admin"));

        UserManager.AddToRole(appUser.Id, "Admin");

I am not sure how to make it work. Can anybody point me towards a good tutorial? I am using azure as my storage and the frameworks version is 4.5

Answer 1

Introduction to ASPNet Identity

The ASP.NET membership system was introduced with ASP.NET 2.0 back in 2005, and since then there have been many changes in the ways web applications typically handle authentication and authorization. ASP.NET Identity is a fresh look at what the membership system should be when you are building modern applications for the web, phone, or tablet.

ASPNet MVC and ASPNet Identity - Understanding the Basics

On March 20, 2014, the ASP.NET team released the RTM version 2.0 of the new Identity framework. The new release brings with it some long-awaited new features, and marks a substantial expansion of the security and authorization capabilities available to ASP.NET applications of all types.

The ASP.NET Identity framework was originally introduced in 2013 as the follow-on to the ASP.NET Membership system, a staple of MVC applications for several years, but which was beginning to show its age. Originally, ASP.NET Identity presented a useful, if somewhat minimal API for managing security and authorization in the context of a public-facing web application built using ASP.NET. The Identity framework introduced modern features such as social network log-in integration, and easily extensible user model definitions. The new RTM release introduces the following features, among others:

• Extended User Account Definition, including Email and contact information Two-Factor Authentication via email or SMS messaging, functionally similar to that used by Google, Microsoft, and others
• Account Confirmation via email
• Administrative management of Users and Roles
• Account Lock-Out in response to invalid log-in attempts
• Security Token Provider to regenerate a user's security token in response to changes in security settings.
• Improved support for Social log-ins
• Easy Integration of Claims-Based Authorization

Identity 2.0 represents a substantial revision from the original version introduced last year. With the numerous new features, comes some added complexity. If, like myself, you had just recently found your way through the first iteration of the Identity framework, be ready. While you won't be starting over from scratch with version 2.0, there is a lot to learn.