How to use ASP.NET Identity without a database

12,118

You don't have to migrate to Identity framework, FormsAuthentication still works. And Andrew is correct, using Identity framework makes little sense here, since it is all about managing users.

However, if you insist on using it, you can implement your own UserManager and IUserStore. Some guidance can be found in Scott K. Allen blog post. See the links on the bottom - samples of implementations - you can take some of these and convert to your needs.

I would imagine your IUserStore will be simple, because there is only one user and most of the methods don't have to be implemented. And for the ones required (I think you'll need FindUserById and related) you'll need to reach to web.config via ConfigurationManager

Share:
12,118

Related videos on Youtube

Lee Englestone
Author by

Lee Englestone

Lee is a passionate and innovative Developer and DevRel Lead whom excels at leadership, lateral thinking, new ideas/innovation and creating proof of concepts to realise their value. He is constantly experimenting with new technologies, exploring their benefits and introducing them to others including Augmented Reality, Machine Learning, and Artificial Intelligence. He also enjoys building useful resources for the tech community including http://VisualStudioTips.co.uk, http://XamarinARKit.com and http://TechCommunityCalendar.com You can follow him @LeeEnglestone

Updated on September 15, 2022

Comments

  • Lee Englestone
    Lee Englestone about 1 year

    I am trying to implement custom authentication using the new ASP.NET Identity in an MVC 5 project.

    I have a single username and password that I want to use to restrict which pages of the website the user can see via [Authorize] tags on controllers and views. (Easy)

    I am migrating from a FormsAuthentication model whereby this was as simple as putting the credentials in the web.config.

    Because I only have a single username and password I don't want to use a database as the UserStore, instead I want ASP.NET Identity to retrieve the username and password from a custom configurationsection in the web.config (don't worry about that part).

    After much search, I can't find a code sample that doesn't rely on a database for ASP.NET Identity authentication.

    So i'm looking for a code sample that at the point of authentication, the user can put in custom code to check the username & password against the credentials in the custom ConfigurationSection of the web.config.

    Can someone please point me in the right direction thanks.

    Update : I've tried looking at this code sample but it doesn't even compile out of the box.. poor. http://code.msdn.microsoft.com/Simple-Aspnet-Identiy-Core-7475a961

    Update : The reason that I don't want to use FormsAuthentication is that I am writing a NuGet package that will be installed into a web application. One of the things the NuGet package will do is create a custom ConfigurationSection in the web.config that includes (among other things) a single username and password. I thought this would be safer as it wouldn't alter any existing FormsAuthentication settings currently in the target web application.

    Update : I think I have got it working. Will post findings soon.

    -- Lee

    • Claies
      Claies about 9 years
      the ASP.NET MVC [Authorize] attribute can be used with FormsAuthentication; you don't need to use ASP.NET Identity, and in fact it doesn't really make sense to do so. Are you having issues making the [Authorize] attribute work with the FormsAuthentication process, or is there some other reason you don't want to use FormsAuthentication any longer?
    • Claies
      Claies about 9 years
    • Lee Englestone
      Lee Englestone about 9 years
      Hi, so I was originally using FormsAuthentication and have no problem doing so.. however I want to use the new Identity stuff because I am writing a NuGet package whose code requires it's own credentials when running and I didn't want to interfere with any possible existing FormsAuthentication settings by inserting my own into the web.config when the NuGet package is installed.
    • Alex
      Alex about 8 years
  • Lee Englestone
    Lee Englestone about 9 years
    Argh, I was hoping for a 'complete' solution that doesn't require a db and retrieves credentials from the web.config. I have attempted to augment various code samples unsuccessfully.
  • trailmax
    trailmax about 9 years
    I'm afraid there will be no complete solution for your case.
  • Lee Englestone
    Lee Englestone about 9 years
    Are you saying it's not possible to write a custom implementation of ASP.NET Identity that retrieves credentials from a custom ConfigurationSection in the web.config? I thought the whole point of the new identity stuff was to make it uber extensible?
  • trailmax
    trailmax about 9 years
    I'm saying that nobody have written it yet. And it is entirely possible.
  • Lee Englestone
    Lee Englestone about 9 years
    Brill. Well I was trying to piece it together to be the first. I might try gain if this post is not fruitful.