What is Microsoft Identity?
User management in web applications and websites is something that is often needed. The tasks such as logging in with their own accounts, performing the operations permitted to them in the system, keeping their records and managing them are important and complex tasks.
However, it is extremely easy to set up a user management system that we mentioned above with Visual Studio.
The Identity system is readily available on the websites created using the Web Forms Site option. So we just need to know how to use the system.
Microsoft previously used the Membership system for user management . This system was loved by the developers, but it lacked the ability for users to log in with different accounts such as Facebook, Google. It can be said that this is the most important reason pushing Microsoft to develop the Identity system.
Today, on websites where the Identity system is used, users can create a local account or log in with their accounts such as Facebook, Twitter, Google and perform transactions securely.
Creating and Using an Identity System
In our previous topic, basic information was given about the files that appear when a new Web Forms Site is created and the systems added to the project. Here we will refer to the Identity system.
Since Identity is a user management system, a database is needed to store user information . The database used is set to work on Sql Server.
If we look at the App_Data folder when we first create the site, we see that the folder is empty. When we run the site and register the first member from the Register.aspx (example: localhost:52733/account/register) page in the Account folder, the database and tables will be created in the App_Data folder.
Connection information about the database is written under connectionStrings under the name DefaultConnection in the web.config file. The created database was created according to the information here. By changing the information here, we can determine information such as the location, name, user name and password of the database to be created.
If the database information that we will use when we publish our site is certain, we can change the connection information in the web.config file with this information from the beginning and ensure that the necessary tables for the user management system are created in this database.
If the database we will use is not yet clear, we can continue to prepare our site with the default connection information. In the future, we can transfer this database or the tables in it to the server. Or we can replace the connection information in the web.config file with a new one and have the tables recreated.
The following tables are used in the database in the Identity System:
-
_MigrationHistory: Information about the creation of the system is kept.
-
AspNetRoles: Roles to be used in the system are kept here. Thanks to the roles, we can give different authorizations to the users and determine the actions that each role can perform . ( Authorization ) Each role to be defined has a name and an id. We can add user roles to the system by entering the role name and id directly into this table.
-
AspNetUserClaims: It is the table where the session information of the users is kept.
-
AspNetUserLogins: Connection information from different providers is kept in this table.
-
AspNetUserRoles: User roles are kept in this table. It has two fields named UserId and RoleId. If we want to determine the role of a user by manually entering data here, it is sufficient to copy the user's id from the users table (AspNetUsers) and the id of the role from the roles table and paste it into this table.
-
AspNetUsers: The information of users registered to the system is kept in this table. Username, user id, encrypted password information etc...
Of course, we can manually enter information into the database, but it is imperative that these transactions can be done from web pages.
There are ready-made pages where basic user operations can be performed in the Account folder of the site. These pages;
-
Login.aspx: This is the login page. Users are also directed to this page when they try to reach a part that they do not have authorization. There is a login form on the page and the necessary codes for logging in are ready in the cs file.
-
Register.aspx: It is the registration page . There is a registration form and necessary codes.
-
Manage.aspx: This is the page where registered users can change their passwords. If the user logged in in the default template clicks on the username in the upper right corner, they will be redirected to this page.
-
RegisterExternalLogin.aspx: This is the page for registering with an external account. (Facebook, google etc...)
-
We can use these pages as they are on our site.
We talked about ready-made pages above. You can find Asp.Net objects related to user operations in the following topics.
creating and managing user accounts with asp.net, asp.net user authenticate system, creating user management system with asp.net, using microsoft identity, how to use asp.net identity, how to manage asp.net users and roles
EXERCISES
There are no examples related to this subject.
Read 713 times.