How to use ASP.NET Identity without a database
You don't have to migrate to Identity framework, FormsAuthentication still works. And Andrew is correct, using Identity framework makes little sense here, since it is all about managing users.
However, if you insist on using it, you can implement your own UserManager
and IUserStore
. Some guidance can be found in Scott K. Allen blog post. See the links on the bottom - samples of implementations - you can take some of these and convert to your needs.
I would imagine your IUserStore
will be simple, because there is only one user and most of the methods don't have to be implemented. And for the ones required (I think you'll need FindUserById
and related) you'll need to reach to web.config
via ConfigurationManager
Related videos on Youtube
Lee Englestone
Lee is a passionate and innovative Developer and DevRel Lead whom excels at leadership, lateral thinking, new ideas/innovation and creating proof of concepts to realise their value. He is constantly experimenting with new technologies, exploring their benefits and introducing them to others including Augmented Reality, Machine Learning, and Artificial Intelligence. He also enjoys building useful resources for the tech community including http://VisualStudioTips.co.uk, http://XamarinARKit.com and http://TechCommunityCalendar.com You can follow him @LeeEnglestone
Updated on September 15, 2022Comments
-
Lee Englestone about 1 year
I am trying to implement custom authentication using the new ASP.NET Identity in an MVC 5 project.
I have a single username and password that I want to use to restrict which pages of the website the user can see via [Authorize] tags on controllers and views. (Easy)
I am migrating from a FormsAuthentication model whereby this was as simple as putting the credentials in the web.config.
Because I only have a single username and password I don't want to use a database as the UserStore, instead I want ASP.NET Identity to retrieve the username and password from a custom configurationsection in the web.config (don't worry about that part).
After much search, I can't find a code sample that doesn't rely on a database for ASP.NET Identity authentication.
So i'm looking for a code sample that at the point of authentication, the user can put in custom code to check the username & password against the credentials in the custom ConfigurationSection of the web.config.
Can someone please point me in the right direction thanks.
Update : I've tried looking at this code sample but it doesn't even compile out of the box.. poor. http://code.msdn.microsoft.com/Simple-Aspnet-Identiy-Core-7475a961
Update : The reason that I don't want to use FormsAuthentication is that I am writing a NuGet package that will be installed into a web application. One of the things the NuGet package will do is create a custom ConfigurationSection in the web.config that includes (among other things) a single username and password. I thought this would be safer as it wouldn't alter any existing FormsAuthentication settings currently in the target web application.
Update : I think I have got it working. Will post findings soon.
-- Lee
-
Claies about 9 yearsthe ASP.NET MVC
[Authorize]
attribute can be used with FormsAuthentication; you don't need to use ASP.NET Identity, and in fact it doesn't really make sense to do so. Are you having issues making the[Authorize]
attribute work with the FormsAuthentication process, or is there some other reason you don't want to use FormsAuthentication any longer? -
Claies about 9 yearsfor more context, see blogs.msdn.com/b/webdev/archive/2013/07/03/…
-
Lee Englestone about 9 yearsHi, so I was originally using FormsAuthentication and have no problem doing so.. however I want to use the new Identity stuff because I am writing a NuGet package whose code requires it's own credentials when running and I didn't want to interfere with any possible existing FormsAuthentication settings by inserting my own into the web.config when the NuGet package is installed.
-
Alex about 8 yearsSee also brockallen.com/2013/10/24/…
-
-
Lee Englestone about 9 yearsArgh, I was hoping for a 'complete' solution that doesn't require a db and retrieves credentials from the web.config. I have attempted to augment various code samples unsuccessfully.
-
trailmax about 9 yearsI'm afraid there will be no complete solution for your case.
-
Lee Englestone about 9 yearsAre you saying it's not possible to write a custom implementation of ASP.NET Identity that retrieves credentials from a custom ConfigurationSection in the web.config? I thought the whole point of the new identity stuff was to make it uber extensible?
-
trailmax about 9 yearsI'm saying that nobody have written it yet. And it is entirely possible.
-
Lee Englestone about 9 yearsBrill. Well I was trying to piece it together to be the first. I might try gain if this post is not fruitful.