ASP.Net MVC Alternative Login to identity

Question

After reading tutorials and trying out, I have found login with Identity is convoluted, inflexible way. Changing to use username and completely remove Email was a nightmare (and i did not succeed). This have been my experience and I have no strength left to keep going the Owin Identity way.

Are there alternatives to OWIN/Identity login that are acceptable to ASP.Net community as valid just as OWIN/Identity is? I have a project that needs minimalistic (username, password, fullname ONLY). I hope my question is not open ended and is within SO limits ;)

Answer 1

here's a simple owin auth implementation, in case you still want to give it a try: (it's code copied from prodinner)

you need a class to configure it:

public static class OwinConfig
{
    public static void ConfigureAuth(IAppBuilder app)
    {
        app.UseCookieAuthentication(new CookieAuthenticationOptions
            {
                AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie,
                LoginPath = new PathString("/Account/SignIn")
            });
    }
}

A startup class where you execute the ConfigureAuth

[assembly: OwinStartup(typeof(Startup))]

namespace Omu.ProDinner.WebUI
{
    public class Startup
    {
        public void Configuration(IAppBuilder app)
        {
            OwinConfig.ConfigureAuth(app);
        }
    }
}

and the AccountController where you use it:

public class AccountController : Controller
{
    //... ctor, user service

    private IAuthenticationManager Authentication
    {
        get
        {
            return HttpContext.GetOwinContext().Authentication;
        }
    }

    private void SignInOwin(string name, bool rememberMe, IEnumerable<string> roles)
    {
        var identity = new ClaimsIdentity(new[] { new Claim(ClaimTypes.Name, name) },
            DefaultAuthenticationTypes.ApplicationCookie,
                ClaimTypes.Name, ClaimTypes.Role);

        foreach (var role in roles)
        {
            identity.AddClaim(new Claim(ClaimTypes.Role, role));
        }


        Authentication.SignIn(new AuthenticationProperties
        {
            IsPersistent = rememberMe
        }, identity);
    }

    public ActionResult SignIn()
    {
        return View();
    }

    [HttpPost]
    public ActionResult SignIn(SignInInput input)
    {
        if (!ModelState.IsValid)
        {
            input.Password = null;
            input.Login = null;
            return View(input);
        }

        var user = userService.Get(input.Login, input.Password);

        if (user == null)
        {
            ModelState.AddModelError("", "incorrect username or password");
            return View();
        }

        SignInOwin(user.Login, input.Remember, user.Roles.Select(o => o.Name));


        return RedirectToAction("index", "home");
    }

    public ActionResult SignOff()
    {
        Authentication.SignOut();
        return RedirectToAction("SignIn", "Account");
    }
}

and here's the list of packages that you need:

  <package id="Microsoft.AspNet.Identity.Core" version="2.2.1" targetFramework="net45" />
  <package id="Microsoft.AspNet.Identity.Owin" version="2.2.1" targetFramework="net45" />
  <package id="Microsoft.Owin" version="3.0.1" targetFramework="net45" />
  <package id="Microsoft.Owin.Host.SystemWeb" version="3.0.1" targetFramework="net45" />
  <package id="Microsoft.Owin.Security" version="3.0.1" targetFramework="net45" />
  <package id="Microsoft.Owin.Security.Cookies" version="3.0.1" targetFramework="net45" />
  <package id="Microsoft.Owin.Security.OAuth" version="3.0.1" targetFramework="net45" />
  <package id="Owin" version="1.0" targetFramework="net45" />