1

It's been 2-3 days that I tinker around the JWT authentication on .NET Core API without any significant success and without finding anything that suits my needs. I'm actually working to implement an API on top of an existing database. So I already have an existing user class that is done and configure using a dbContext with EF Core.

I don't want to inherit IdentityUser on this class. The reason is that an old application run on the database and it needs to be able to authenticate without passing by my API. So in short, I can't modify any fields or add any tables for compatibility reason. For example, here is my user table already containing fields named "UserMail", "Username" and "RoleId".

public class MyCustomUser {
        public int UserId { get; set; }
        public string Username { get; set; }
        public byte[] Password { get; set; }
        public string FirstName { get; set; }
        public string LastName { get; set; }
        public string UserMail { get; set; }
        public int RoleId { get; set; }
        // [...]
}

What I don't want:

public class MyCustomUser: IdentityUser {
        public int UserId { get; set; }
        public string Username { get; set; } // Conflict
        public byte[] Password { get; set; } // Conflict
        public string FirstName { get; set; }
        public string LastName { get; set; }
        public string UserMail { get; set; } // Conflict
        public int RoleId { get; set; } // Issue
        
        // What will appear in base
        // ---------------------------------------------------
        public virtual string UserName { get; set; }
        public virtual string NormalizedUserName { get; set; }
        [ProtectedPersonalData]
        public virtual string Email { get; set; }
        public virtual string NormalizedEmail { get; set; }
        [PersonalData]
        public virtual bool EmailConfirmed { get; set; }
        public virtual string PasswordHash { get; set; }
}

Is there a way to add an IdentityUser with custom fields. I.E.:

public void ConfigureServices(IServiceCollection services)
{
       services.AddEntityFramework()
        .AddSqlServer()
        .AddDbContext<MyCustomDbContext>(options =>
            options.UseSqlServer(Configuration["Data:DefaultConnection:ConnectionString"]));

       services.AddIdentity<MyCustomUser, MyCustomRole>();
       // [...]
}

I believe my problem is more of a lack of finding resources on the matter as all the informations to this date that I found online were all using a brand new IdentityUser.

Some resources that I looked at, without quite answering my question:

Samuel Montambault
  • 11
  • 2
  • JWT is perfectly suited to be created outside your application... Did you consider this? Authenticate and get token at server/API A and use it at server/API B? this way you do not need to alter the database in your existing app. – Stefan Mar 19 '21 at 14:57
  • Did not think of that thanks for the quick response! However in my situation, the old application that used the DB is an administrator app which have to be able to modify roles and user settings. If I separate the jwt from the existing schema the user creds won't match between the two version. – Samuel Montambault Mar 19 '21 at 15:02
  • Do you still can modify the old App? Because the mapping to roles can be customized. – Stefan Mar 19 '21 at 15:12

0 Answers0