4

I am working in a MVC project that contains both regular MVC controllers as well as Web API Controllers. Initially I implemented Forms Authentication with custom user table. But now I am planning to use the new ASP .NET Identity and change from the forms cookie based authentication to claims based authentication and authorization. I already have a database with tables with custom fields. So I need to customize the ASP .NET Identity to work with my tables Can anyone guide me on how this can be achieved ?

Edit:

In reply to FKutsche, here is the User table that I have. I have kept only the columns that matter.

User Table

UserId

UserName

Password

UserTypeId

User Type Table

UserTypeId

UserType

The column names are self explanatory so I am not describing them. The User Table has foreign key on UserTypeId column to the UserType table.

devanalyst
  • 1,348
  • 4
  • 28
  • 55
  • Without knowing how your tables look like at the moment, no one can help you I think. In Addition to that, it could be really hard to adapt the ASP.NET Identity to an existing user database – FKutsche Mar 18 '16 at 07:54
  • I agree with Luca and his answer below. I am working with an asp.net mvc 5 project, but we are looking to move this to AngularJS front-end with `WebApi 2` running as a different project on a different port. You could add a new Web Api project to your solution, and you get out-of-the-box functionality. And you can also modify the User Profile in `Models\IdentityModel.cs`, if needed. Also see WebApi.cors nuget package for Cross-Origin response headers. – bob.mazzo Mar 18 '16 at 16:45

1 Answers1

7

There's no point in making this kind of migration if you're not going to use the Identity table format.

ASP.NET Identity has an outstanding out-of-the-box list of features that simply cannot exist without the appropriate db support (and that user table is not capable of providing them).

I think you have different options here:

  • stick with your user table and build a custom oauth provider on it (it's not too difficult, please check this link - I personally built the security layer of many apps following this guide)
  • migrate to a brand new identity model with ASP.NET identity and link this table as an extended claim to the IClaimsIdentity generated for the logged user (check this SO answer for example).

IMHO, I personally prefer the second option: you have to migrate your user ids and passwords to the new system, but it's better to start with something solid and well tested. This way you will also have access to future improvements, which is probably not true with a completely customized system without a big coding effort.

Hope it helps :)

Christopher Berman
  • 719
  • 1
  • 5
  • 21
Luca Ghersi
  • 3,261
  • 18
  • 32