🌟 What is ASP.NET Identity?
ASP.NET Identity is a membership system used in ASP.NET applications to manage:
- User registration
- Login/logout
- Roles and permissions
- Password management
- External logins (like Google, Facebook, Microsoft)
It helps you authenticate (verify who a user is) and authorize (check what a user is allowed to do).
🧠 Why Use ASP.NET Identity?
Without Identity, you’d have to:
- Create your own login system
- Securely store passwords
- Manage sessions and cookies
- Handle roles and permissions manually
ASP.NET Identity gives you all this out-of-the-box in a secure and extendable way.
📦 What Does It Include?
Here are the key components:
| Component | Description |
|---|---|
| IdentityUser | Represents a user (username, email, password hash, etc.) |
| UserManager | Helps create, update, delete, and find users |
| SignInManager | Manages user login and logout |
| RoleManager | Manages roles (like Admin, Editor, etc.) |
| DbContext (e.g., ApplicationDbContext) | Connects to the database and stores Identity tables |
📚 Common Identity Tables in Database
When Identity is used with Entity Framework, it creates these tables:
| Table | Purpose |
|---|---|
| AspNetUsers | Stores user details |
| AspNetRoles | Stores roles like Admin, User |
| AspNetUserRoles | Links users and roles |
| AspNetUserClaims | Custom info (like “HasDrivingLicense”: true) |
| AspNetUserLogins | External login info (Google, Facebook) |
| AspNetUserTokens | For features like 2FA, password reset |
🔐 How Does Identity Work?
Example: User Login Flow
- User enters username and password
- ASP.NET Identity:
  - Checks if the user exists
  - Hashes the entered password
  - Compares it to the stored hash
- If matched, it signs the user in
- It issues a cookie or JWT token to track the user
🛠️ Common Identity Code (Simplified)
Register a User
```csharp
// CreateAsync hashes the password before storing it; check result.Succeeded and result.Errors.
var user = new IdentityUser { UserName = "john@example.com", Email = "john@example.com" };
var result = await _userManager.CreateAsync(user, "Password123!");
```
Login a User
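```csharp
// With lockoutOnFailure: false, failed attempts do not count toward account lockout; pass true to enforce it.
var result = await _signInManager.PasswordSignInAsync("john@example.com", "Password123!", isPersistent: false, lockoutOnFailure: false);
```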
Add Role to User
```csharp
await _userManager.AddToRoleAsync(user, "Admin");
```
Check User’s Role
```csharp
if (await _userManager.IsInRoleAsync(user, "Admin")) {
    // do admin stuff
}
```
🔄 Can You Customize It?
Yes! You can:
- Add custom fields to users (e.g., PhoneNumber, Gender, ProfilePicture)
- Use custom tables
- Store data in SQL Server, MySQL, PostgreSQL, or even NoSQL stores
Example:
```csharp
using System;
using Microsoft.AspNetCore.Identity;

public class AppUser : IdentityUser {
    public string FullName { get; set; }
    public DateTime DateOfBirth { get; set; }
}
```
🔗 External Logins Support
Identity allows login with providers like:
- Google
- Facebook
- Microsoft
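```csharp
// Requires the Microsoft.AspNetCore.Authentication.Google package.
// Load the client ID and secret from configuration or a secret store instead of hard-coding them.
services.AddAuthentication()
    .AddGoogle(options => {
        options.ClientId = "...";
        options.ClientSecret = "...";
    });
```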
🛡️ Security Features
- Password hashing: Never stores raw passwords
- Account lockout: Blocks brute-force login attempts
- Email confirmation: Verifies email addresses
- Two-factor authentication (2FA): Adds an extra login step
- Token-based actions: For password reset, email verification, etc.
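The features listed above are switched on through `IdentityOptions` and the `lockoutOnFailure` argument at sign-in. The following is an added example, not code from the original page: a minimal ASP.NET Core `Program.cs` that enables them and returns one generic failure response. It assumes a .NET 6+ web project with implicit usings and the `Microsoft.AspNetCore.Identity.EntityFrameworkCore` and `Microsoft.EntityFrameworkCore.InMemory` packages; the `/login` route, the `LoginRequest` type and the threshold values are hypothetical.

```csharp
using Microsoft.AspNetCore.Identity;
using Microsoft.AspNetCore.Identity.EntityFrameworkCore;
using Microsoft.EntityFrameworkCore;

var builder = WebApplication.CreateBuilder(args);

// In-memory store keeps the demo self-contained; use a real database provider in production.
builder.Services.AddDbContext<ApplicationDbContext>(o => o.UseInMemoryDatabase("identity-demo"));

builder.Services.AddIdentity<IdentityUser, IdentityRole>(options =>
{
    // Account lockout: illustrative thresholds, tune them to your own risk model.
    options.Lockout.AllowedForNewUsers = true;
    options.Lockout.MaxFailedAccessAttempts = 5;
    options.Lockout.DefaultLockoutTimeSpan = TimeSpan.FromMinutes(15);
    // Email confirmation: unconfirmed accounts cannot sign in.
    options.SignIn.RequireConfirmedEmail = true;
    options.User.RequireUniqueEmail = true;
    options.Password.RequiredLength = 12;
})
.AddEntityFrameworkStores<ApplicationDbContext>()
.AddDefaultTokenProviders(); // token-based actions: password reset, email confirmation, 2FA

var app = builder.Build();
app.UseAuthentication();

app.MapPost("/login", async (LoginRequest req, SignInManager<IdentityUser> signIn) =>
{
    // lockoutOnFailure: true makes each bad password count toward MaxFailedAccessAttempts.
    var result = await signIn.PasswordSignInAsync(
        req.UserName, req.Password, isPersistent: false, lockoutOnFailure: true);

    if (result.Succeeded) return Results.Ok();
    if (result.RequiresTwoFactor) return Results.Ok(new { requiresTwoFactor = true });
    // Log the precise reason server-side, but give the client one generic answer so the
    // response does not reveal whether the account exists, is locked, or is unconfirmed.
    app.Logger.LogWarning("Sign-in rejected for {User}: lockedOut={Locked}, notAllowed={NotAllowed}",
        req.UserName, result.IsLockedOut, result.IsNotAllowed);
    return Results.Unauthorized();
});

app.Run();
record LoginRequest(string UserName, string Password); // hypothetical request body

class ApplicationDbContext : IdentityDbContext<IdentityUser>
{
    public ApplicationDbContext(DbContextOptions<ApplicationDbContext> options) : base(options) { }
}
```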
✅ Summary
| Concept | Explanation |
|---|---|
| Identity | ASP.NET system to handle users, passwords, roles |
| UserManager | Helps create, update, delete users |
| SignInManager | Helps login/logout users |
| Roles | Used to give access (like Admin, Customer) |
| Claims | Custom info about users |
| External Login | Login using Google, Facebook, etc. |
If you're using ASP.NET Core, everything is even more modular, and Identity can be integrated with JWT, Razor Pages, MVC, Blazor, or APIs.