AUTHENTICATION AND AUTHORIZATION

ADD A CUSTOM CLAIM TO AVOID DATABASE CALLS

When the application is used by many users simultaneously, there are alternatives to sending queries to the AspNetUsers table. Let's see where we can add a claim from which to derive the FullName. We do this because we currently get the FullName from the UserManager, so every time we move through the pages of the application a query is made to the database. Performance may degrade a little if the application is used by many users at the same time.

Cookie

We also add the FullName to the authentication cookie so that, once the user has authenticated on the login page, it travels along with the requests in the application. Let us see the class from which to derive.

Claim

This is the code.

Code
Registering the class
User and Claim

ACCESS USER CLAIMS WITH THE IHttpContextAccessor SERVICE

Let’s see how to access claims in services.

User

CREATE A RELATIONSHIP WITH APPLICATION USER

We create a relationship between AspNetUsers and Courses. This will be very useful when we need to determine whether or not the current user has the right to modify a certain course. We add a new column, AuthorId, to the Courses table: a foreign key pointing to the Id field of AspNetUsers. The relationship is one-to-many: an author can create many courses.

Course-author relationship

We put the foreign key constraint on AuthorId. It is a one-to-many relationship, so an author can create multiple courses; in fact, there can be n entries in that column holding the Id from the AspNetUsers table, as mentioned above.

Code
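
The pieces described in the three sections above, sketched together as an added example (not the code from the original page or its repository): a claims factory that puts FullName into the authentication cookie at sign-in, and a service that reads it through IHttpContextAccessor and compares the user id with a course's AuthorId. The names `CustomClaimsPrincipalFactory` and `CurrentUserService`, the `"FullName"` claim type and the `ApplicationUser.FullName` property are assumptions.

```csharp
using System;
using System.Security.Claims;
using System.Threading.Tasks;
using Microsoft.AspNetCore.Http;
using Microsoft.AspNetCore.Identity;
using Microsoft.Extensions.Options;

// Assumed user entity: IdentityUser plus a FullName column in AspNetUsers.
public class ApplicationUser : IdentityUser
{
    public string FullName { get; set; }
}

// Runs once at sign-in; the claims it returns are serialized into the
// protected authentication cookie, so later requests need no database query.
public class CustomClaimsPrincipalFactory : UserClaimsPrincipalFactory<ApplicationUser>
{
    public CustomClaimsPrincipalFactory(UserManager<ApplicationUser> userManager,
        IOptions<IdentityOptions> optionsAccessor) : base(userManager, optionsAccessor) { }

    protected override async Task<ClaimsIdentity> GenerateClaimsAsync(ApplicationUser user)
    {
        ClaimsIdentity identity = await base.GenerateClaimsAsync(user);
        identity.AddClaim(new Claim("FullName", user.FullName ?? string.Empty));
        return identity;
    }
}

// Hypothetical application service: reads claims instead of calling UserManager.
public class CurrentUserService
{
    private readonly IHttpContextAccessor accessor;
    public CurrentUserService(IHttpContextAccessor accessor) => this.accessor = accessor;

    private ClaimsPrincipal User => accessor.HttpContext?.User;
    public string FullName => User?.FindFirst("FullName")?.Value;
    public string UserId => User?.FindFirst(ClaimTypes.NameIdentifier)?.Value;

    // Ownership check against Courses.AuthorId; fails closed for anonymous users.
    public bool IsAuthorOf(string courseAuthorId) =>
        !string.IsNullOrEmpty(UserId) &&
        string.Equals(UserId, courseAuthorId, StringComparison.Ordinal);
}

// Registration in ConfigureServices (assumed startup code):
//   services.AddHttpContextAccessor();
//   services.AddDefaultIdentity<ApplicationUser>()
//           .AddClaimsPrincipalFactory<CustomClaimsPrincipalFactory>();
//   services.AddScoped<CurrentUserService>();
```

The claim is fixed when the cookie is issued, so a FullName changed in the database is not reflected until the user signs in again or the sign-in is refreshed (for example with `SignInManager.RefreshSignInAsync`). The ownership check belongs on the server for every edit request, using the AuthorId read from the database rather than a value posted by the client.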

SEND AN EMAIL TO CONFIRM REGISTRATION

Even for sending an e-mail, Identity's architecture comes to our aid; what we have to do is create an infrastructure service that, relying on Identity's interfaces, contains the code for sending it. The registration form lends itself somewhat to abuse, because a malicious user could enter an e-mail address that is not their own.

Email confirmation

The registration form sends an e-mail to the specified address; until the user confirms it by clicking on the link, the account is locked and not usable. The link redirects to the application, and only after it is clicked is the e-mail confirmed; the user then gets the authentication cookie by logging in.

Confirmation

The mail client of choice is MailKit, an open source project available on GitHub.

Sending email with MailKit

USE ADO.NET WITH IDENTITY

Using Entity Framework Core is not the only possible solution: Identity is modular and loosely coupled to any particular implementation.

Identity stack

To implement ADO.NET, what we will do is replace the infrastructure services.

Infrastructure services

AdoNetUserStore acts as a bridge between the UserManager<TUser> and our SqliteDatabaseAccessor.

ADO.NET user store
Optional interfaces

LINK TO CODE ON GITHUB

GITHUB

Download the section17 code or the master branch, or clone the GitHub repository to have all the sections available in your favorite editor. See the README.md file to find the user name and password for sending e-mail with mailtrap.io. You also need to obtain the codes to implement reCAPTCHA. Below is an image from Google's site.

Recaptcha