Introduction to ASP. NET Identity

Background: ASP. NET Membership ASP. NET Membership (ASP. NET Membership) in 2005, ASP. NET Membership is used to address common requirements of the site in terms of Membership. These requirements include form authentication, an SQL Server database used to store user names, passwords, and user profile information. Nowadays, we have more options for data storage of Web applications. At the same time, most programmers want their websites to use the authentication and authorization functions provided by third-party user identification providers. However, due to the design limitations of ASP. NET membership, it is difficult to adapt to this change: the database architecture is designed for SQL Server and cannot be modified. Although you can add additional user information, this information is stored in a different data table. This makes the information difficult to access (except through the Profile Provider API ). Although the provider system allows you to modify the background data storage structure, the design of the system is based on a hypothesis, that is, the use of relational databases. Although you can also write a non-relational storage mechanism-oriented provider (such as a Windows Azure storage table), after that, you still need a lot of work around the relevant design. This includes writing a lot of code and throwing a lot of System. NotImplementedException exceptions for methods not supported by NoSQL databases. Because the "login/logout" function is based on form authentication, this membership system cannot be used for OWIN. OWIN includes some middleware for identity authentication. You can log on to an external identity Provider (such as a Microsoft account, Facebook, Google, or Twitter; you can log on to an organizational unit account (from the Active Directory in the organizational unit or from Windows Azure Active Directory. OWIN also supports OAuth 2.0, JWT and CORS (Cross-Origin Resource Sharing, Cross-Origin Resource Sharing. ASP. NET Simple member qualification (ASP. NET Simple Membership) ASP. NET Simple member qualification is a Membership system developed for ASP. NET Web Pages. It is released together with WebMatrix and Visual Studio 2010 SP1. The purpose is to simplify the process of adding membership to Web Pages applications. Although simple membership does simplify the process of adding user information, it still has other problems with ASP. NET membership. It also has some limitations: It is difficult to store the data of the membership system in a non-relational storage structure. It cannot be used with OWIN. It cannot work well with the existing ASP. NET membership provider, and it still cannot be expanded. ASP. NET uniform provider (ASP. NET Universal Providers) ASP. NET Universal Providers can store Membership Information in the Windows Azure SQL database, which can work with SQL Server Compact at the same time. The Universal Providers is built on the Entity Framework Code First, which means that the Universal Providers can store data to any storage system that supports the Entity Framework. The database architecture used by the Universal Providers is also greatly simplified. Since the Universal Providers is built on the ASP. NET membership infrastructure, it also has the same restrictions as the SqlMembership provider. They are designed for relational databases and are difficult to customize user data and other user information. These providers still use form authentication to complete the "login/logout" operation. Over the years when ASP. NET membership systems have evolved, the ASP. NET team has received a lot of feedback from users. "The user needs to register in the application and will log on using the username and password at registration ." This assumption is no longer true. Web networks have become more social, allowing users to interact with others in real time through social channels such as Facebook and Twitter. Developers want users to log on using their social network identity to provide a better user experience on their websites. A modern membership system must support jump-based login operations to support authentication providers such as Facebook and Twitter. With the continuous evolution of Web development, the Web development model is also changing. Unit Tests on application code have become the main focus of application developers. In 2008, ASP. NET added a new framework based on the "Model-View-controller (MVC)" mode. One of the purposes of this framework is to help developers build "unit testable" ASP. NET applications. Developers who want to perform unit tests on their application logic also want to perform unit tests on the membership system. Considering these changes in Web application development, ASP. NET brings the following features: One ASP. NET Identity system ASP. NET Identity can be used in all ASP. NET framework, such as ASP. net mvc, Web Forms, Web Pages, Web API, and SignalR. ASP. NET Identity can be used in a variety of applications, including Web applications, mobile applications, mall applications, or hybrid architecture applications. It is easier to add your personal data information. You can control the entire structure of your personal data. For example, you can easily have the system store the birth date information you entered at registration. By default, the ASP. NET Identity system stores all data in the database. ASP. NET Identity uses Entity Framework Code First to implement all its persistence mechanisms. Thanks to your control over the database architecture, some common tasks such as changing the table name and data type can be easily completed. It is easy to introduce other storage mechanisms, such as SharePoint, Windows Azure storage table service, and NoSQL databases. You do not have to throw the System. NotImplementedException exception. ASP. NET Identity makes it easier for Web applications to perform unit tests. You can use ASP. NET Identity to write unit tests for your application. Role providers in ASP. NET Identity allow you to restrict access to a part of an application based on roles. You can easily create roles such as "Admin" and add users to it. Declarative ASP. NET Identity supports "claim-Based authentication )". This mechanism uses a set of "claims" to represent the user's identity. "Declaration" allows developers to better describe user identities than roles. Declared-based membership is different from role-based membership. The latter is essentially a Boolean value (that is, "belongs" or "not belongs" to "specific roles), and a" Declaration "can contain