ASP. NET Identity Framework

Identity provides a user-and role-based membership management framework that basically meets all the functional requirements of a Business Project login operation.

If you want to use this framework you need to create a new user and role type that inherits from Iuser<tkey> and Irole<tkey> respectively, and all subsequent operations are based on these two classes.

1. The design of the framework is very simple, a series of new store interfaces for the entity class or the direct interface of the database table, for example, if we implement Iuserpasswordstore<tuser, in Tkey>, Then all the direct operation of the password method is defined in this interface, Iuserrolestore<tuser, in Tkey> interface defines the Userrole table operation method, we can easily associate users and roles. The framework defines a lot of these stores contain userclaims,email,lockout,phonenumber and so on all the operational logic that we might use in user management operations, And there is a unified Userstore implementation class that implements all the store interfaces defined above. The default implementation is to define a construction method that Identitydbcontext injected into the userstore so that it can be identitydbcontext idbset<tuser> and idbset<trole> And so on the property completes the operation to the database. In the actual build environment, a userstore is customized and injected into the IOC container, and the constructor of the custom Userstore relies on injecting all relevant irepository so that the design of the warehouse layer in the domain hierarchy can be well used, We can also define some of our own store interfaces, such as Iuserpermissionstore, to satisfy authorization validation.

2. To facilitate the operation of user, the framework defines a usermanager type, which relies on the above-mentioned userstore to complete all operational logic for the user. For example, delete and change the user record, change password, lock account, create claimsidentity

The design of the 3.Identity itself is really simple, but some of his code implementation is very valuable, we can apply to our own framework or business projects, such as when we generate the message verification token is only a few minutes of validity, This requires that we add the time information to the token, the validation will take time to verify, Rfc6238authenticationservice is very good for us to provide such an implementation, Its generatecode and validatecode design is more concise and practical.

A lot of times we need to generate a uniquely identified string based on an instance and some special conditions, and when necessary, to get the individual data values that are obtained inside, it is difficult to meet the requirements with simple serialization, and the framework provides us with a good implementation

4. In addition to read through the source code to understand some of its specific implementation details and extension features, can make us more confident use of bold to improve the grid and efficiency of the project.

For example, we create a claimsidentity using the user record obtained after the login is successful Usermanager Iclaimsidentityfactory<tuser, Tkey> property, We can customize one such identity factory class to fully customize the generated claimsidentity, and the default factory implementation adds userid,username to the generated claimsidentity, Roles and user-related claim. We can get the data we need based on this implementation, and even refactor our own implementation (no longer use the cache to save profile information, save it to the claim table using Iuserclaimstore, which is automatically brought into the claimsidentity)

Or the identity framework implements a identityfactorymiddleware that makes it easy to create and dispose of an object within the lifetime of each request, avoiding the performance cost of creating instances frequently

The Identityfactorymiddleware also provides us with a Dataprotectionprovider parameter that allows us to encrypt and decrypt the data as we create the instance.

(Just a series of posts for a job next month, each of which is as concise as possible, not for beginners?)

ASP. NET Identity Framework