Adding user registration to IdentityServer4 - asp.net-core

I am using IdentityServer template is4aspid, which comes with asp.net identity, I would like to add a register page to it. I don't want to do it on my main MVC app as I don't want it to have access to the users DB, and hence the identityServer already has that reference, I thought it would be better to just add the registration step to it.
I copied the Register.cshtml page from another asp.net webapplication, where I scafolded the identity, but when I click on register, nothing happens, not sure what is happening
.
As you can see in the picture above, after clicking on the Register link, the url changes to the one supposed to provide the registration form, but the page remains the same of the login form.
I added the following line to _Layout.cshtml

Related

ASP.NET Core Empty Template add User object

When I create an ASP.NET Core web app project, it by default has the logged in user in the top right corner of the page. Problem is that when I make an ASP.NET Core empty project, the user object is not available?
My question is how do I add the user object to a empty template?
In case it is relevant, I need this to get the current logged in Windows user, I don't need any user management, just need to identify who is logged in.

How to show the .Net Core Identity RazorPage somewhere other than its default location?

.Net Core 6, MVC, and your basic authentication with Identity set up (which is RazorPages only), but I want my Home/Index.cshtml page to "host" the Identity/Account/Login page, preferably without having to resort to an iFrame.
Everything I've seen so far is simply how to build the Login page, but nothing on how to put the page somewhere besides its default location.
How do I put the Login form/page on my MVC Home/Index.cshtml page?
How do I put the Login form/page on my MVC Home/Index.cshtml page
Login page is a razor page not a partial view, so you cannot use <partial> to add Login page in the Index view. You can put your code for login in the Index.cshtml, but you may need change a lot, like building the Login page.
If you add below code in the _layout, so that you can login at any view you want.
<partial name="_LoginPartial" />
result:

Customize Identity Server 4 Login UI for Hosted Blazor WebAssembly

I have a solution based on the Visual Studio template that is successfully using IdentityServer4.
What think I understand is:
The IS4 integration implements endpoints at /authentication/{action}, e.g. authentication/login
IS4 routes that request to host/Identity/Account/Login.cshtml. I have scaffolded identity so I can see that .cshtml file in my project.
The code-behind Login.cshtml.cs takes care of speaking with SignInManager, etc.
In the client project the "LoginDisplay.razor" component redirects to /authentication/login when I click the login button. I presume that this is where step 1 above is invoked, which redirects to the location in step 2.
Fine. Now, I want to customise the whole login UI.
From instructions at: https://learn.microsoft.com/en-us/aspnet/core/blazor/security/webassembly/additional-scenarios?view=aspnetcore-5.0 I can see that:
I can configure authentication paths to be anything I want. For example:
builder.Services.AddApiAuthorization(options => {
options.AuthenticationPaths.LogInPath = "security/login";
})
So, I have created a razor component to handle security/login:
#page "/security/{action}"
#using Microsoft.AspNetCore.Components.WebAssembly.Authentication
<RemoteAuthenticatorView Action="#Action">
<LoggingIn>
This is the new login page
</LoggingIn>
</RemoteAuthenticatorView>
#code{
[Parameter] public string Action { get; set; }
}
My expectation was that after clicking "Login", I would be routed to the above and presented with a page that just said:
"This is the new login page"
and thought that from there, I would:
Customise the UI within the <LoggingIn> fragment.
Make a call to an API that would then replicate the logic in the scaffolded login.cshtml file that actually logs the user in.
That line of code from the login.cshtml.cs file looks like this:
var result = await _signInManager.PasswordSignInAsync(
Input.Email, Input.Password, Input.RememberMe, lockoutOnFailure: false);
However, it seems that the razor component I created for /security/login is simply a 'transient' message that appears before being routed to the scaffolded login.csthml file.
So, to me, it seems that I am unable to actually change the physical page used to collect the user's credentials. I am only able to change the transient screen that appears before the originally scaffolded login page is shown.
Does this mean that if I want a customised UI for logging in I need to directly edit the scaffolded page as opposed to creating a whole new UI in the WebAssembly project that calls an APIController that I create to take care of using SignInManager?
It would actually be a lot less work to do that than to take the approach of creating a Client-side UI that calls an API that I create, etc. so, with hindsight, editing the scaffolded cshtml file is probably the best way to go. But am still confused as to what value is really being brought by being able to configure options.AuthenticationPaths.LogInPath.

Blazor Identity Scaffolding with the _Host.cshtml file as Layout

I created a Blazor Application with Authentication (Individual User Accounts). Everything works fine as it is, but I want to customize the - let's say - login page. Also, the auto-generated layout annoys me. So I scaffolded the login using Add -> New Scaffolded Item -> Identity -> Selected Login and OK. For the Layout File I chose _Host.cshtml, the one that the rest of my Blazor application uses as well. If I now select "login" in my webpage, I get this Error:
InvalidOperationException: The model item passed into the ViewDataDictionary is of type 'BlazorIdentityTest.Areas.Identity.Pages.Account.LoginModel', but this ViewDataDictionary instance requires a model item of type 'BlazorIdentityTest.Pages.Pages__Host'.
So my question is: How do I get around this error? Is it even possible to use this Layout file with the Identity system? If not, is there another way to use the Blazor layout instead of the default from the Identity System?
I'm using the .Net Core 3.1.100 SDK.

ViewStateException - Validation of viewstate MAC failed - Sitefinity ASP.NET MVC with Jquery Mobile

I am getting this error most of the time when I submit my form. I am using Sitefinity 6.2 with ASP.NET MVC 4.0 and JQuery Mobile.
As I have Sitefinity in Hybred mode I am using the #Html.BeginFormSitefinity() command to create the form. On the Controller I have my action with the [HttpPost] attribute. The code always hits my default action on the controller with no problem. No matter what I put in the form when I submit I only get an error message on the page...never hits the HttpPost action.
I've looked around and there are many pages with fixes for the MAC failed issue, but none are working for me. I have a machine key in the web.config and I am NOT going to set enableViewStateMac to false as that is a security hole.
OK I tried working with both of the below solutions but they are both really bad. Here is what I am doing now, which is still not great, but I have Sitefinity, MVC, and JQuery Mobile all on the same page and forms are not giving me View State Exceptions anymore.
First thing is that adding data-ajax="false" is not enough, for this to work you need to disable Ajax before JQuery Mobile starts. So, to do this you need to add in this script BEFORE the JQuery Mobile File loads but after the JQuery file loads.
$(document).bind("mobileinit", function () { $.mobile.ajaxEnabled = false; });
After doing this I then do not use the Sitefinity Begin Form, I just JQuery to change the form on the main page to have the correct action.
<script>
$("#aspnetForm").attr("action", "Home/Login");
</script>
Together this means that there is a complete page load for each page change, and form posts use the form declared in my WebForms Master Page.
-Old Answer -
Actually...what I have below is not working. What I am
currently doing is really ugly but is usually working.
As long as the user enters the site from the home page then the home
page is the Jquery Mobile first page. The view state errors that I
was getting was because it saw the current page as the first page and
the form submit was to the active page. What if the controller for
the home page was just set to handle ALL HTTPPost calls? I have
removed the #Html.BeginFormSitefinity() from all the views with forms
and am just using the form on my top level masterpage. Then I add in
code on the view to change the action of this form to point to the
main page controller. ex
<script>
$("#aspnetForm").attr("action", "Home/Login");
</script>
Once I made this change the forms are not throwing view state
exceptions...as long as the home page is the Jquery Mobile first page.
If the user comes in from a different page then all is scrambled.
Don't have an answer for that yet.
Really Old Answer -
OK, think I have found it. I read somewhere, lost the link now, a
list of issues that can cause the error message. One of them is the
form being submitted from a different page.
I looked at the error message I was getting with Fiddler and noticed
that the Referer was my home page but the URL of the form post was the
URL for the page with my form. In stead of browsing through my site
to the page with the form I typed the URL in the address bar. I tried
submitting my form again and now it works!
So, this is an issue of Sitefinity and JQuery Mobile fighting it out.
When asp.net MVC is run in Hybred mode in Sitefinity it is actually
run in a Web.Forms master page that contains a form. When you use the
#Html.BeginFormSitefinity() to add a form to the view it is actually
just adding a div and then using AJAX to submit the form on the
Web.Forms master page.
JQuery Mobile loads up the first page that you visit, but later pages
are just injected into the existing page. So, there are multiple
data-role="page" divs loaded up in the DOM, inside of the Sitefinity
Web.Forms Master Page.
This all together is causing the form to post with the URL of the
active data-role="page" but the server sees that it is being refered
from the original page I loaded up. So, if I went to the page with
the form first all would work, start at any other page it does not
work.
Now that I know this I can put in data-ajax="false" on the link to the
page with the form and all looks to be working. This will cause
JQuery Mobile to not inject the target page into the current page but
will load all fresh with the target.
data-ajax="false" is the answer!