11

After reading tutorials and trying out, I have found login with Identity is convoluted, inflexible way. Changing to use username and completely remove Email was a nightmare (and i did not succeed). This have been my experience and I have no strength left to keep going the Owin Identity way.

Are there alternatives to OWIN/Identity login that are acceptable to ASP.Net community as valid just as OWIN/Identity is? I have a project that needs minimalistic (username, password, fullname ONLY). I hope my question is not open ended and is within SO limits ;)

Stefano Mtangoo
  • 6,017
  • 6
  • 47
  • 93
  • Did u try the classic Form ASP .NET auth? – Scharly Ochoa Aug 08 '15 at 15:50
  • 1
    try this https://github.com/brockallen/BrockAllen.MembershipReboot – Juan M. Elosegui Aug 08 '15 at 16:48
  • 3
    You don't need to use full features of Identity. Identity is fully customizable look at [my another answer](http://stackoverflow.com/questions/31584506/how-to-implement-custom-authentication-in-asp-net-mvc-5/31585768#31585768) to see how you can. – Sam FarajpourGhamari Aug 08 '15 at 17:52
  • 1
    I have a demo for the Owin auth in case you want to give it one more try: http://prodinner.aspnetawesome.com/account/SignIn, download here: http://prodinner.codeplex.com/ – Omu Aug 08 '15 at 22:49
  • looks great. Thanks! – Stefano Mtangoo Aug 09 '15 at 13:20
  • @Omu can you put it on the answer with little summary on how to extract functionality (Yes I wil check videos). I think it all I need and am going to accept it as the answer – Stefano Mtangoo Aug 09 '15 at 13:24
  • 2
    @Omu 's answer works, but it does make use of the OWIN/Ideitity system. I still see it as overkill when all I need for my project (same as the poster) is username/password/fullname. Are there alternatives that just keep it simple - simple as in NO roles, NO claims, NO external logins; just the 3 fields in my table? – mkvlrn Sep 18 '15 at 12:38

1 Answers1

7

here's a simple owin auth implementation, in case you still want to give it a try: (it's code copied from prodinner)

you need a class to configure it:

public static class OwinConfig
{
    public static void ConfigureAuth(IAppBuilder app)
    {
        app.UseCookieAuthentication(new CookieAuthenticationOptions
            {
                AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie,
                LoginPath = new PathString("/Account/SignIn")
            });
    }
}

A startup class where you execute the ConfigureAuth

[assembly: OwinStartup(typeof(Startup))]

namespace Omu.ProDinner.WebUI
{
    public class Startup
    {
        public void Configuration(IAppBuilder app)
        {
            OwinConfig.ConfigureAuth(app);
        }
    }
}

and the AccountController where you use it:

public class AccountController : Controller
{
    //... ctor, user service

    private IAuthenticationManager Authentication
    {
        get
        {
            return HttpContext.GetOwinContext().Authentication;
        }
    }

    private void SignInOwin(string name, bool rememberMe, IEnumerable<string> roles)
    {
        var identity = new ClaimsIdentity(new[] { new Claim(ClaimTypes.Name, name) },
            DefaultAuthenticationTypes.ApplicationCookie,
                ClaimTypes.Name, ClaimTypes.Role);

        foreach (var role in roles)
        {
            identity.AddClaim(new Claim(ClaimTypes.Role, role));
        }


        Authentication.SignIn(new AuthenticationProperties
        {
            IsPersistent = rememberMe
        }, identity);
    }

    public ActionResult SignIn()
    {
        return View();
    }

    [HttpPost]
    public ActionResult SignIn(SignInInput input)
    {
        if (!ModelState.IsValid)
        {
            input.Password = null;
            input.Login = null;
            return View(input);
        }

        var user = userService.Get(input.Login, input.Password);

        if (user == null)
        {
            ModelState.AddModelError("", "incorrect username or password");
            return View();
        }

        SignInOwin(user.Login, input.Remember, user.Roles.Select(o => o.Name));


        return RedirectToAction("index", "home");
    }

    public ActionResult SignOff()
    {
        Authentication.SignOut();
        return RedirectToAction("SignIn", "Account");
    }
}

and here's the list of packages that you need:

  <package id="Microsoft.AspNet.Identity.Core" version="2.2.1" targetFramework="net45" />
  <package id="Microsoft.AspNet.Identity.Owin" version="2.2.1" targetFramework="net45" />
  <package id="Microsoft.Owin" version="3.0.1" targetFramework="net45" />
  <package id="Microsoft.Owin.Host.SystemWeb" version="3.0.1" targetFramework="net45" />
  <package id="Microsoft.Owin.Security" version="3.0.1" targetFramework="net45" />
  <package id="Microsoft.Owin.Security.Cookies" version="3.0.1" targetFramework="net45" />
  <package id="Microsoft.Owin.Security.OAuth" version="3.0.1" targetFramework="net45" />
  <package id="Owin" version="1.0" targetFramework="net45" />
Omu
  • 69,856
  • 92
  • 277
  • 407