Identity

Identity Server 4 is a Microsoft framework used for Authentication and Authorization. It contains a number of classes and concepts so that you don't have to implement the nitty-gritty details of Authentication and Authorization. You will have to wrap a UI around it and call the right pieces, which is what we have done in Start Blazoring. This topic is expansive, so we will not cover it in detail. For that, you can consult Microsoft's documentation. What we will cover is how and where we use it. Please also check the code, as we wrote a lot of documentation.

Identity is set up in Startup.InitializeIdentity, as well as in Startup.Configure as follows:

  • services.AddIdentity<ApplicationUser, IdentityRole>(...) This registers all the necessary services and makes the class ApplicationUser the entity class to use to represent a user. IdentityRole is the default implementation, but you can override it if you need to.
  • .AddEntityFrameworkStores<ApplicationDbContext>() This tells Identity where to store the data.
  • app.UseAuthentication() and app.UseAuthorization() Identity's Authorization and Authentication middleware gets configured here.
  • UserManager<ApplicationUser> This is a class that has a number of useful methods related to managing users. We use it extensively. This class is also injectable into any of your pages or controllers. Please note that Microsoft does not officially support this class being used in Blazor pages.
  • SignInManager<ApplicationUser> This is a class that has a number of useful methods related to logging in users. This class is also injectable into any of your pages or controllers. Please note that Microsoft does not officially support this class being used in Blazor pages.

Database Tables

During the setup process, you ran the update-database command, which generated some tables in your database. Some of these are prefixed with AspNet*. These tables are all part of Identity.

The ApplicationUser Class

The ApplicationUser class is easily extensible. If you ever need to add a new field to store in the AspNetUsers table, simply add a new property to the class. You can use data annotations, such as [Required] to control the definition of the new column. After you have added your properties, open the Package Manager Console like in the Setup step and run the command add-migration "AddingNewColumn" and then update-database. More on migrations later, but the end result will be that the AspNetUsers table will now contain the new column.

To show the new column in the Users table, first add the new property to ApplicationUserDto. This class is what gets returned by the IUsersClient Api client. Then modify UsersController to map the new property onto the Dto. Finally, open Pages\Account\Users.razor and add a new column in the DataGrid, referencing the new property.

Customizations

The way Authentication and Authorization are implemented in Start Blazoring is but one of the ways. While the defaults for Identity do the job, you may have different requirements. There are many ways you can customize it to your needs, so please refer to Microsoft's documentation. Please note that any customizations you may do incur the risk of breaking the application, as Blazor can be fickle sometimes (we learned that the hard way). We will try to help with any issues that may crop up, but we cannot guarantee that the application will function if you make changes to its guts.

Two-Factor Authentication

There are three Two-Factor Authentication methods implemented in the system: Email, Authenticator App, Sms.

Both Email and the Authenticator App methods work out of the box (given that there is an Email provider configured). If you enable the Sms method, you must also configure ServiceConfiguration.Communication.Twilio. Signing up for Twilio is free and they give you free credit when you start out. We have also partnered with Twilio, who will give our customers extra bonus credit. See the Downloads section for more details.

Table of Contents



An error has occurred. This application may no longer respond until reloaded. Reload 🗙