ASP.NET Core Identity is a package that contains reusable code for dealing with identity and authentication. In this video, Nate explains how to add the packages to the API.
- The first step to adding authentication to the API is adding the Asp.Net Core Identity packages. Asp.Net Core Identity contains reusable code for dealing with accounts, passwords, and other authentication concerns. We can add these packages with the NuGet Package Manager. I'll search for aspnetcore.identity and I'll install the main identity package as well as the Entity Framework Core Package. So that's AspNetCore.Identity.IdentityFrameworkCore.
Next, we'll create an entity model that represents a user or account in the API. This I'll put in the models folder and I'll call it user entity. The user entity class will derive from an Asp.net Core Identity base class called Identity User. We need to import this from the identity name space and we'll add some properties. We'll give users a first name and a last name and a created time stamp.
By default, identity user represents a user that has a string ID. I've been using Guids as IDs in the rest of the API so let's use that here too. To do this I need to add Guid to the identity user type. We also need to add an entity that describes a role that a user can be in. We'll use roles to represent different types of users like administrators. We'll create one more class here called user role entity and this will derive from identity role and also of type Guid.
I'm going to create a pair of constructors here for convenience. We'll have one parameter less constructor which calls the base class and one constructor that takes a role name and also pass that into the base class. Now we'll need to update the Db context for Entity Framework Core. Instead of deriving from Db context, we'll now derive from identity Db context. We need to import this name space and then tell it we want to use User Entity objects, User Role Entity objects, and that we're using Guids as Ids.
If we look at the definition of identity Db context with F12, we can see that this will add a couple of Db sets to our context. We'll have a Db set for users, for claims, for roles, and so on. Asp.NET Core Identity will take care of tracking all these objects so we don't have to do this manually. Next, we'll add a test user to the in memory database on startup. As a final step, we need to add the Asp.Net Core Identity services to the service collection so they're available to our application. We can do this in the start up class and the configure services method.
Somewhere in configure services we can say add Asp.Net Core Identity and call services.AddIdentity. We need to pass at the user entity and the user role entity that we want to use. And we'll also say add entity frameworks stores for our hotel API context. We also need to let it know that we're using Guids as IDs. There's one more thing we could add, which is add default token provides, which adds the default functionality for Asp.Net Core's password reset and other features.
That will take care of adding Asp.Net Core Identity to our project. Next we'll add a test user to the in memory data base.
- REST vs. RPC
- Using HTTP methods (aka verbs)
- Returning JSON
- Creating a new API project
- Building a root controller
- Routing to controllers with templates
- Requiring HTTPS for security
- Creating resources and data models
- Returning data and resources from a controller
- Representing links (HREFs)
- Representing collections
- Sorting and searching collections
- Creating forms
- Caching and compression
- Authentication and authorization for RESTful APIs
Skill Level Intermediate
Building Web APIs with ASP.NET Core (2016)with Chris Woodruff1h 7m Intermediate
Deploying ASP.NET Core Applicationswith Nate Barbettini57m 57s Intermediate
1. REST API Concepts
2. Building a Basic API
3. Securing the API
4. Representing Resources
5. Representing Links
6. Representing Collections
7. Sorting Collections
8. Searching Collections
9. Forms and Modifying Data
10. Caching and Compression
11. Authentication and Authorization
- Mark as unwatched
- Mark all as unwatched
Are you sure you want to mark all the videos in this course as unwatched?
This will not affect your course history, your reports, or your certificates of completion for this course.Cancel
Take notes with your new membership!
Type in the entry box, then click Enter to save your note.
1:30Press on any video thumbnail to jump immediately to the timecode shown.
Notes are saved with you account but can also be exported as plain text, MS Word, PDF, Google Doc, or Evernote.