9 Managing users with authentication

 

This chapter covers

  • Implementing basic authentication
  • Installing and configuring ASP.NET Core Identity
  • Scaffolding and customizing the Identity UI

This and the next chapter look at managing users within a Razor Pages application. They look at two closely related topics: authentication and authorization. Authentication is the process of identifying who your user is. Authorization is part of the process of securing your application by limiting your user’s access to only those parts of the application they are allowed to access.

This chapter concentrates on the nature of a user and how you can authenticate their identity, or ensure they are who they claim to be. Authentication is hard to get right. From a practical point of view, you need to provide mechanisms to capture and store a user’s personal information, including something only they know, such as a password. Then you need to be able to remember the user on subsequent visits. Your application might also require you to use a secondary authentication mechanism, two-factor authentication (2FA), like a code sent by SMS. You might need to provide the user with features to reset their password if they have forgotten it or manage their profile information. What about verifying email addresses? Or managing account lockouts in the event of repeated incorrect attempts to log in? And you need to do all of this in a cryptographically secure manner.

9.1 Authentication basics

 
 
 

9.1.1 How authentication works

 
 
 

9.1.2 Adding simple authentication

 
 

9.2 ASP.NET Core Identity

 
 
 
 

9.2.1 Creating a user

 
 
 
 

9.2.2 Configuring the DbContext

 
 

9.2.3 Adding migration

 
 
 
 

9.3 Customizing Identity

 

9.3.1 Customizing Identity options

 
 

9.3.2 Customizing the user

 
 
 
 

9.3.3 Scaffolding and customizing the UI

 
 

Summary

 
 
sitemap

Unable to load book!

The book could not be loaded.

(try again in a couple of minutes)

manning.com homepage
test yourself with a liveTest