What is Microsoft Asp.Net Identity?

Asp.Net is the name of the framework that provides user management in websites and web applications. Membership system was used for this purpose until 2013, now Identity is used.

When we create a Web Forms Site in Visual Studio, the user management system will be created automatically. For this purpose, the Identity framework will be included in the project/site.

Thanks to this system, we can easily perform operations such as user login (authentication ) and user authorization.

In the Account folder of the web forms site we created, we can see the ready-made pages where user actions can be performed. For example, the register.aspx page is the page used to create a new user.

A database is absolutely needed to store user information and this database will be stored in the App_Data folder. However, when we first create our site, you will see that this folder is empty.

As soon as we run the site for testing purposes and make the first user registration, the database and necessary tables will be created. 

After the first member registration, we can see that the database has been created when we refresh the App_Data folder from the Solution Explorer panel. This database is a database running on SQL Server.

There are 6 tables in the created database.

• _ MigrationHistory: a table for log purposes
• AspNetRoles: The  table where the roles in the system are stored, a name and an Id of each role are recorded here.
• AspNetUserClaims: Table holding different session information about users
• AspNetUserLogins: If Facebook etc providers will be used to log in, the table holding the links to them
• AspNetUserRoles:  Table where users and roles are mapped. If a user is added to a role, the user id and the role id will be recorded in this table.
• AspNetUsers:  Table holding username, password, etc.

In the current state of the website we have created, user login (logout) operations, registration operations and password change (manage) operations are available.

There is no defined role in the system and the users created are not added to any role. In order to provide role management, we must first define the roles.

Defining Roles to the Identity System

Role definition can be done on the code side or by manually adding it to the database:

App _ double-click the database in the Data folder.

Expand the Tables category.

Right click on the AspNetRoles table and click on the "Show Table Data" command.

Table contents will appear . Specify the role name (Name) and role id (Id) by adding a record to this table. When adding users to the role, we will use the role id that we wrote here.

Since we are going to use roles, logically we need at least two roles. For example, we can create a standard and an administrator role.

By adding the roles we planned to this table, we have made our roles available.

Now it's time to define the roles of users.

Adding the Newly Created User to a Role

User registration is done on the Register.aspx page . Let's add a line to the .cs codes of this page so that each created user is added to the standard role for example:

Above manager.AddToRole(user.Id, "standard"); line will add the currently created user to the role with the standard name.

If we want to change the roles of users through the database manually,  aspnetuserroles we can make the necessary changes in the table. User roles can be determined directly from the database by adding the id and role id of the desired users to this table or by changing if they are added.

Of course, it would be more useful to perform these operations on a web page by writing code.

EXERCISES