1

I'm working on a solution using ASPNET Core 2.1 with Individual autentication. I was able to implement a seed class which creates the Identity roles, the admin user and assigns a role to the admin user when the host runs for the first time. After the first run, I check the database and everything is working fine. I don't like the 'Hello, userdummy@domain.com' welcome format message so I intend to change this in the future switching from email format to something more friendly as a username. Because of that, I use a different username from email address. When I assign this different username, login fails, but if I switch back to email-email for username and email fields, login works. I want a different username from email address. Any ideas about why is that happening?

This is the piece of code in my seed class which creates a new user:

if (!_dbContext.Users.Any())  // if users table is empty
{
    // instantiate a user-store class
    var _userStore = new UserStore<IdentityUser>(_dbContext);

    // create a new user object with a different username
    var admin = new IdentityUser
    {
        Email = "admin@admin.com",
        UserName = "Administrador"  // it makes login to fail
    };

    try
    {
        // ask the store-guy to create a new admin user with the given ridiculous password :D
        var result = await _userStore.CreateAsync(admin,"123456");
    }
    catch (System.Exception ex)
    {
        _logger.Error(ex, "Sorry. Something went wrong here.");
    }
}

If I change the username to have the same string than the email address, I can login with no problems.

I don't want to login using username. I want to login using email address but show a different string, like a name, in welcome message.

Marcelo
  • 11
  • 3
  • see my answer, you're seeding is only run if you don't have Users. You need to modify this to either always run, or delete your existing users. – johnny 5 Jul 20 '18 at 14:49
  • Please [edit] your question and include the login code – Camilo Terevinto Jul 20 '18 at 14:59
  • Login code is from the ASPNET Core template which uses compiled razor pages. It is compiled so I can't write them down. – Marcelo Jul 20 '18 at 15:02
  • 1
    Possible duplicate of [ASP.Net UserName to Email](https://stackoverflow.com/questions/19481835/asp-net-username-to-email) – Adam Vincent Jul 20 '18 at 15:13
  • If you set the username to `Administrador` then you must log in with `Administrador`, unless you customise the login code to use emails instead. – Kirk Larkin Jul 20 '18 at 15:31
  • @Kirk Larkin I see your point, and I suspect that you are correct BUT everything in view, viewmodel and controller points to email validation format and not username. I'm gonna investigate the PasswordSignInAsync() method of Identity Framework to see if it calls for email but compares it to username. It would be a kind of "let me check your email to see if it is equal to your username". It would be so confused. – Marcelo Jul 20 '18 at 15:48
  • `PasswordSignInAsync` takes either the [`Username`](https://github.com/aspnet/Identity/blob/release/2.1/src/Identity/SignInManager.cs#L298) or the [`User`](https://github.com/aspnet/Identity/blob/release/2.1/src/Identity/SignInManager.cs#L274) itself. [The Identity UI uses the `Username` version](https://github.com/aspnet/Identity/blob/release/2.1/src/UI/Areas/Identity/Pages/Account/Login.cshtml.cs#L86) but refers to it as the `Email` which is, well, confusing... Ultimately, the Identity UI treats `Username` and `Email` as the same, but the `SignInManager` does not. – Kirk Larkin Jul 20 '18 at 15:56
  • 1
    @KirkLarkin You are pretty right! Because a little bit confusing use of terms and validation rules coming from the Identity template, I got totally lost. Spent hours trying to figure it out. Thank you, bro. – Marcelo Jul 20 '18 at 16:03

2 Answers2

0

The default convention is for an IdentityUser to login against the 'UserName` field.

You can allow an email address as a username by turning off "AllowOnlyAlphanumericUserNames"

UserManager.UserValidator = new UserValidator<TUser>(UserManager) { AllowOnlyAlphanumericUserNames = false }

See answer and usage here

Adam Vincent
  • 3,281
  • 14
  • 38
  • You pointed me to the right direction because IdentityUser checks __UserName__ and not user email, despite all validation rules make us think that Identity uses email as field to check. One solution, said by @KirkLarkin in comments, would be to change all the validation rules for them to point to UserName which is the real field that is being tested in user table. – Marcelo Jul 20 '18 at 16:20
0

As a final solution to my question, guided by the help of you guys, would be either change the validation rules for registration and sign-in forms to point to UserName (the real field being checked against User table) or try to create a claim and use it as the name to be shown in welcome and other messages. This last one would be a valid, simple and harmless workaround. Thank you all.

Marcelo
  • 11
  • 3