asp.net-identity

What I Need?! I have an ASP.NET identity system setup and running with external logins. For whatever reason i need to setup a custom authentication after the ASP.NET identity authentication. Let me explain how? Lets say I have three pages for the users to view on my application, Page A,B,C. Who can view Page A? Any anonymous user can view page A. Who can view Page A & B? Any user who have created an account either with his/her email & password or with external logins. Who can view Page A,B & C? Here is the place i want to set custom authentication. Any user who have created an account either

I walkthrough this official ASP.NET tutorial , and the bearer token is published as below JSON. { "access_token":"boQtj0SCGz2GFGz[...]", "token_type":"bearer", "expires_in":1209599, "userName":"Alice", ".issued":"Mon, 14 Oct 2013 06:53:32 GMT", ".expires":"Mon, 28 Oct 2013 06:53:32 GMT" } I'd like to add user profile properties along with the above resul in order to reduce number of requests from clients. The example is as below... { "access_token":"boQtj0SCGz2GFGz[...]", "token_type":"bearer", "expires_in":1209599, "userName":"Alice", ".issued":"Mon, 14 Oct 2013 06:53:32 GMT", ".expires":"Mon

I am using ASP.NET MVC 5 and SignalR. I want to send a message to a specific user. I have followed the method which is explained in this tutorial (also suggested by this answer ). I have overridden IUserIdProvider , to use UserId as connectionId . public class SignalRUserIdProvider : IUserIdProvider { public string GetUserId(IRequest request) { // use: UserId as connectionId return Convert.ToString(request.User.Identity.GetUserId<int>()); } } And I have made the change to my app Startup to use the above custom provider: public partial class Startup { public void Configuration(IAppBuilder app)

This might actually be more of a conceptual question. In Asp.Net Identity the PasswordHasher generates a different hash for the same string every time you do: new PasswordHasher.HashPassword("myString"); Now if for some reason I need to manually compare a user's input to the password saved in the database, I will most probably get a different string when I hash the user's entered password, than the one that is stored in the database. Can someone please explain this to me? Shouldn't hashing the same string result in the same hash and if not, how does Identity itself realize that two different

This question already has an answer here: Logout: GET or POST? 9 answers The sample Identity project uses this to log out: @if (Request.IsAuthenticated) { using (Html.BeginForm("LogOff", "Account", FormMethod.Post, new { id = "logoutForm", @class = "navbar-right" })) { @Html.AntiForgeryToken() <ul class="nav navbar-nav navbar-right"> <li>@Html.ActionLink("Hello " + User.Identity.GetUserName() + "!", "Index", "Manage", routeValues: null, htmlAttributes: new { title = "Manage" })</li> <li><a href="javascript:document.getElementById('logoutForm').submit()">Log off</a></li> </ul> } } And the

I'm trying to use UserManager in a class, but I'm getting this error: Error activating IUserStore{ApplicationUser} No matching bindings are available, and the type is not self-bindable. I'm using the default Startup.cs, which sets a single instance per request: app.CreatePerOwinContext(ApplicationDbContext.Create); app.CreatePerOwinContext<ApplicationUserManager>(ApplicationUserManager.Create); I'm able to get the ApplicationDbContext instance, which I believe is getting injected by Owin (Is that true?): public class GenericRepository<T> : IGenericRepository<T> where T : class { private

I have added First and Last name to the ApplicationUser Class. public class ApplicationUser : IdentityUser { public async Task<ClaimsIdentity> GenerateUserIdentityAsync(UserManager<ApplicationUser> manager) { // Note the authenticationType must match the one defined in CookieAuthenticationOptions.AuthenticationType var userIdentity = await manager.CreateIdentityAsync(this, DefaultAuthenticationTypes.ApplicationCookie); // Add custom user claims here return userIdentity; } public string FirstName { get; set; } public string LastName { get; set; } } also added information to RegisterViewModel My

I have a small Web API application that uses Identity to manage users using Owin Bearer Tokens. The basics of this implementation work fine: I can register a user, login a user and access Web API end points that are marked with [Authorize] . My next step is to limit Web API endpoints using roles. For example, a controller that only users in the Admin role can access. I've created the Admin user as below and I add them to the Admin role. However when I update my existing controllers from [Authorize] to [Authorize(Roles = "Admin")] and try to access it using the Adim account, I get a 401

As a bit of context, I'm developing an ASP.NET MVC 5 application that uses OAuth-based authentication via Microsoft's OWIN implementation, for Facebook and Google only at this stage. Currently (as of v3.0.0, git-commit 4932c2f), the FacebookAuthenticationOptions and GoogleOAuth2AuthenticationOptions don't provide any property to force Facebook nor Google respectively to reauthenticate users (via appending the appropriate query string parameters) when signing in. Initially, I set out to override the following classes: FacebookAuthenticationOptions GoogleOAuth2AuthenticationOptions

How can I limit the UserName field in the table AspNetUsers ? Neither this: public class ApplicationUser : IdentityUser { [Required, MaxLength(15)] public string UserName { get; set; } } or this: modelBuilder.Entity<ApplicationUser>().Property(x => x.UserName).HasMaxLength(15); works. I need this because setting an Index on an nvarchar(max) gives me this error msg: Column 'UserName' in table 'dbo.AspNetUsers' is of a type that is invalid for use as a key column in an index. To be verbose, I was trying to set the indexes like this: public override void Up() { CreateIndex("dbo.AspNetUsers",