Getting Started With RTM of ASP.Net Identity

Introduction

Today, in this article you will learn that the final version of ASP.NET Identity is released with its new version 2.0.0. Now you can get the benefit of more security features, account management features and as well as address feedback from the community with the use of this release.

Download

We can easily get this new ASP.NET Identity from the NuGet gallery. We can run the following commands in the Package Manager Console:

  • Install-Package Microsoft.AspNet.Identity.EntityFramework -Version 2.0.0
  • Install-Package Microsoft.AspNet.Identity.Core -Version 2.0.0
  • Install-Package Microsoft.AspNet.Identity.OWIN -Version 2.0.0

Sample

We can use the following command to see the changes in the release:

  • Install-Package Microsoft.AspNet.Identity.Samples -Version 2.0.0-beta2 -Pre

Note: The Identity Sample should be installed in the Empty Project Template.

What's New

The following features were fixed in this release.

Two-Factor Authentication

ASP.NET Identity now provides two-factor authentication, in other words there is an extra security layer available for the user accounts. Now we can use a SMS service for sending codes and use email as well because sometimes the user does not share the contact.

Now, if the user enters an incorrect code for a specified amount of time then the account will be locked out for a specific time.

Account Lockout

The user account will be locked for a specified amount of time, if the user enters the password and two factor codes incorrectly. The number of invalid attempts and the specified amount of time for the user are locked out can be configurable. The developer can also turn off this feature.

Account Confirmation

The account confirmation is now possible in the ASP.NET Identity by confirming the email of the user. Most websites use this feature when creating a new account, you are required to confirm your email before you could use that website. This is a very efficient feature because it prevents fictitious accounts from being created.

Security Stamp

Support a way to regenerate the Security Stamp for the user in case when the user changes their password and any other information like removing a social login such as Facebook, Google. This is needed to ensure that any tokens generated with the old password are invalidated. With the use of this feature the application is more secured since when you change the password , you will be logged out of everywhere you have logged into the application.

We can also configure this to sign out from all places where you have logged  in from, we can configure it in the  Startup.cs file by registering a CookiedAuthenticationProvider as in the following code:

app.UseCookieAuthentication(new CookieAuthenticationOptions {

    AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie,

    LoginPath = new PathString("/Account/Login"),

    Provider = new CookieAuthenticationProvider {

       // Enables the application to validate the security stamp when the user logs in.

       // This is a security feature which is used when you change a password or add an external login to your account.  

      OnValidateIdentity = SecurityStampValidator.OnValidateIdentity<ApplicationUserManagerApplicationUser>(

           validateInterval: TimeSpan.FromMinutes(30),

           regenerateIdentity: (manager, user) => user.GenerateUserIdentityAsync(manager))

    }

});

Extensibility of Primary Key for Users and Roles

The primary key for users and role types is a string in the version 1.0 and in the Identity system that was preserved in the SQL Server using the Entity Framework we use the nvarchar. Now in this the Visual Studio team has provided an extensibility hook where we can specify what should be the pk of the users and roles table.

IQueryable Support for Users and Roles

The IQueryable support was added for Users and Roles so that we can easily get the Users and Roles list. For example review the following code of UserAdminController.cs:

// GET: /Users/

public async Task<ActionResult> Index()

{

    return View(await UserManager.Users.ToListAsync());

}

Delete User Account

We cannot delete the user from the UserManager in version 1.0 but this issue has been fixed in this version. Review the following code:

var result = await UserManager.DeleteAsync(user);

IdentityFactory Middleware/CreatePerOwinContext

UserManager

Now we can use the Factory Implementation to get an instance of UserManager from the OWIN context. You can review the following code showing how to configure middleware in the Startup.cs file:

app.CreatePerOwinContext<ApplicationUserManager>(ApplicationUserManager.Create);

DbContext

The ASP.NET Identity uses the EntityFramework for preserving the identity system in the SQL Server. The Identity System has the reference of the ApplicationDbContext to perform this.

app.CreatePerOwinContext(ApplicationDbContext.Create);

EntityFramework 6.1.0

The latest version of Entity Framework version 6.1.0 is now supportable by the ASP.NET Identity. You can see that in the following screenshot in which the application has the Identity Sample:

Packages Configuration File

Summary

This article has explained that the new RTM version of ASP.NET Identity is available and you can check out the various features released with this new version. Thanks for reading and Stay Updated.