In Visual Studio 2017, create a new ASP.NET Core Web Application (.NET Core) project, changing authentication to Individual User Accounts (so using ASP.NET Core Identity).
In the created project, there is an AccountController. In the [HttpGet] Login method, there is the following:
// Clear the existing external cookie to ensure a clean login process
await HttpContext.Authentication.SignOutAsync(_externalCookieScheme);
I'm just trying to understand the authentication process a bit better. So my questions are:
What does this code do?
Why is it included in this method?
If I do not include this in my own login method, under what circumstances will I encounter a problem, and what will the problem be?
In identity you can use external login like Microsoft, Google or Facebook and this method insures that you are not logged in with these services before authenticating user.
just if you use external login, include this line in your Login action otherwise you don't need it.
Related
I am working on a new ASP.NET Core Blazor application that I am basing on the BlazorHero clean architecture template.
The major modification that I need to make is the switch from its ASP.NET Core Identity based system to relying on WS-Federation SSO authentication.
My initial goal is to get the app to stop using the login screen. (Which is caused by the
App.razor in the Blazor Client sending unauthorized users to login) What do I need to modify for the app to go to the home page rather than the login screen?
My second goal is to get the user service to return the current user information from our Ws-Federation server. I can write the code that will populate the current user from Ws-Federation. How/where do I tell the Identity service what I want it to return for the current user?
My assumption is that I will need to re-write (at minimum) the IdentityService.cs, the UserService.cs and the RoleService.cs files.
I have selected Individual User Accounts while creating Blazor application. I have no idea where I can modify the Login page that was created, the file with source dode is not available anywhere.
How to modify Login page in that scenario?
When choosing your configuration the created template gets delivered with IdentityServer and ASP.NET Core Identity. IdentityServer makes the Endpoint OpenID/OAuth compatible. This is needed for the Blazor WebAssembly app to streamline the process of getting a token, validating it etc. ASP.NET Core Identity is used to save and retrieve the users from the database, loging them in by setting a Cookie and checking the correctness of provided passwords, hashing them etc. This link answers how you can modify the default Razor Pages delivered when an app with ASP.NET Core Identity is created.
Where are the Login and Register pages in an AspNet Core scaffolded app?
I really need your help. I am trying to implement IdentityServer4to generate tokens for authenticated users giving them access to the web application. However, I have set my IdentityServer Project in its own solution. Then I have a web application that runs. What I need to implement is:
1.Using Identity user signs in.
2. if successful redirect to identity server4 to generate token
3. Redirect back to application with genrated tok
You will have to add in IdentityServer configuration web application as a client with scopes. Please see here:
http://docs.identityserver.io/en/latest/topics/clients.html
https://github.com/IdentityServer/IdentityServer4/tree/main/samples/Quickstarts/2_InteractiveAspNetCore/src
I am currently learning ASP.NET Core. As a first step I want to port an older project from ASP.NET WebForms to ASP.NET Core Blazor. Unfortunately, I have some difficulties with setting up a authentification.
As far as I've read, there are many ways to do an authentification.
Cookie Based
Identity Based
etc.
But I am not sure which one I should use. Also what is the key point of an Identity based authentication?
I want to compare username and password with an existing Firebird database. If the enetered crendetials matches an entry in the database, the user should be logged in. The authentification should be required for the entire app, except the login page. The authentication should last for around 8 hours.
Which authetication method should I use? And how can I use my own checking method to verify an user? I don't want to use the build in database from the app that comes with this AppDbContext stuff.
Thanks!
-Marvin
I want to create a self-hosted ASP.NET Core application that authenticates a single user for access and allows the user to change their password. Once authenticated, the user can access the application content. This mechanism is quite similar to how you would login to your home router... when you open a browser to the router IP, you are taken to the login screen. Once authenticated, you can change router settings and change the administrative password.
There is no need for:
New user registration
Two factor authentication
Forgotten password recovery
Personal data management
Email verification
Etc...
I have a proof-of-concept working using ASP.NET Core Identity, but the default UIs provide way too much functionality. I understand you can disable/customize the default UIs via scaffolding which works, but creates a ton of project clutter.
Is there an alternative I should consider? Or am I stuck with all the scaffolding boilerplate code?