Identity Server 4 is a Microsoft framework used for Authentication and Authorization. It contains a number of classes and concepts so that you don't have to implement the nitty-gritty details of Authentication and Authorization. You will have to wrap a UI around it and call the right pieces, which is what we have done in Start Blazoring. This topic is expansive, so we will not cover it in detail. For that, you can consult Microsoft's documentation. What we will cover is how and where we use it. Please also check the code, as we wrote a lot of documentation.
Identity is set up in
Startup.InitializeIdentity, as well as in
Startup.Configure as follows:
services.AddIdentity<ApplicationUser, IdentityRole>(...)This registers all the necessary services and makes the class
ApplicationUserthe entity class to use to represent a user.
IdentityRoleis the default implementation, but you can override it if you need to.
.AddEntityFrameworkStores<ApplicationDbContext>()This tells Identity where to store the data.
app.UseAuthentication() and app.UseAuthorization()Identity's Authorization and Authentication middleware gets configured here.
UserManager<ApplicationUser>This is a class that has a number of useful methods related to managing users. We use it extensively. This class is also injectable into any of your pages or controllers. Please note that Microsoft does not officially support this class being used in Blazor pages.
SignInManager<ApplicationUser>This is a class that has a number of useful methods related to logging in users. This class is also injectable into any of your pages or controllers. Please note that Microsoft does not officially support this class being used in Blazor pages.
During the setup process, you ran the
update-database command, which generated some tables in your database. Some of these are prefixed with
AspNet*. These tables are all part of Identity.
ApplicationUser class is easily extensible. If you ever need to add a new field to store in the
AspNetUsers table, simply add a new property to the class. You can use data annotations, such as
[Required] to control the definition of the new column. After you have added your properties, open the Package Manager Console like in the Setup step and run the command
add-migration "AddingNewColumn" and then
update-database. More on migrations later, but the end result will be that the
AspNetUsers table will now contain the new column.
To show the new column in the Users table, first add the new property to
ApplicationUserDto. This class is what gets returned by the
IUsersClient Api client. Then modify
UsersController to map the new property onto the Dto. Finally, open
Pages\Account\Users.razor and add a new column in the
DataGrid, referencing the new property.
The way Authentication and Authorization are implemented in Start Blazoring is but one of the ways. While the defaults for Identity do the job, you may have different requirements. There are many ways you can customize it to your needs, so please refer to Microsoft's documentation. Please note that any customizations you may do incur the risk of breaking the application, as Blazor can be fickle sometimes (we learned that the hard way). We will try to help with any issues that may crop up, but we cannot guarantee that the application will function if you make changes to its guts.
There are three Two-Factor Authentication methods implemented in the system: Email, Authenticator App, Sms.
Both Email and the Authenticator App methods work out of the box (given that there is an Email provider configured). If you enable the Sms method, you must also configure
ServiceConfiguration.Communication.Twilio. Signing up for Twilio is free and they give you free credit when you start out. We have also partnered with Twilio, who will give our customers extra bonus credit. See the Downloads section for more details.
Table of Contents
- Initial Setup
- Project Structure
- Entity Framework
- User Interface
- Email Service
- Background Workers
- Creating a new Page
- Publishing to Azure