0

I have a service which can query the database and return the user object.

I would like to implement MVC authentication in my application with the use of the above service.

Does ASP.NET MVC authentication work with out entity frame work? If yes, which class implementations should I be overriding to use the service for authentication ?

Improve this question
5
  • where did you plan to store the username and password information, if not a database? Commented Apr 27, 2017 at 21:47
  • With the limited information I can see, I would say no. You need a database to store the user information. Commented Apr 27, 2017 at 21:53
  • Yes, Identity can work without a database. However, it will be limited to a deployment session. Ever time you redeploy the previous data is lost. Commented Apr 27, 2017 at 21:55
  • 2
    google "custom asp.net identity" and you should find some helpful articles. Commented Apr 27, 2017 at 23:03
  • @Claies - I am storing the information in the database. But the requirement is not to connect to database from the application. The application has to go through wcf service and this service has access to database to get the data. Commented Apr 27, 2017 at 23:41

2 Answers 2

Reset to default
1

The relevant component relationships to know about are as follows:

SignInManager talks to UserManager talks to UserStore

The class to override is UserStore. If you create an ASP.NET application from the Visual Studio templates, it will provide a user store from Microsoft.AspNet.Identity.EntityFramework.UserStore.

You can replace this user store with your own MyWcfServiceUserStore (or whatever you choose to call it).

For example, if you represented the user as MyUserType, and it used a Guid as a unique identifier:

 public class MyWcfServiceUserStore
    : IUserLockoutStore<MyUserType, Guid>,
      IUserPasswordStore<MyUserType, Guid>,
      IUSerTwoFactorStore<MyUserType, Guid>,
      IUserEmailStore<MyUserType, Guid>
{
   // Lots of methods to implement now
}

You would then modify the code so the UserManager is passed the MyWcfServiceUserStore in the constructor.

public class ApplicationUserManager : UserManager<MyUserType, Guid>
{
    public ApplicationUserManager(IUserStore<MyUserType, Guid> store)
       : base(store)
    {
    }

    public static ApplicationUserManager Create(IdentityFactoryOptions<ApplicationUserManager> options, IOwinContext context)
    {
       var manager = new ApplicationUserManager(new MyWcfServiceUserStore(...));
       //
       // Further initialization here
       //
       return manager;
    }
}

While this isn't exactly trivial, it should be straightforward to implement all of the required UserStore methods yourself. One thing to keep in mind, within one web call the UserManager might hit the UserStore several times with identical queries, so you will have to make good use of caching.

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

0

The easiest hack is to use form authentication, I have done it, but not in production.

LoginViewModel

public class LoginViewModel
     {
        [Required]
        public string Username { get; set; }
    [Required]
    [DataType(DataType.Password)]
    public string Password { get; set; }
}

Controller Action

    [HttpPost]
    public ActionResult Login(LoginViewModel login)
    {
        if (!ModelState.IsValid)
        {
            ViewBag.Error = "Form is not valid; please review and try again.";
            return View("Login");
        }

        if ((login.Username == "[email protected]" && login.Password == "NotVeryWise")) { 
            FormsAuthentication.SetAuthCookie(login.Username, false);
            return RedirectToAction("Index", "Home");
        }  


        ViewBag.Error = "Credentials invalid. Please try again.";
        return View("Login");
    }

Web.config

    <system.web>
    //...
    //...
    <authentication mode="Forms">
      <forms loginUrl="~/Account/Login" timeout="2880" defaultUrl="~/Home" />
    </authentication>

  </system.web>

You can now use [Authorize] on controllers.

Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.