Introduction
In ASP.NET Identity, there are 3 types of classes : Managers, Stores and Entities. Managers are objects that we use in order to perform operations, such as registering a user, updating a user account and deleting a user. Stores are objects used by Managers in order to persist and retrieve Entities, such as users and roles.
Entities
There are 5 entities in ASP.NET Identity : users, user claims, user logins, roles and user roles.
| Users | Registered users of your application |
| User claims | A set of claims (name-value pairs) that represent the user's identity. It's used in a claims-based authorization |
| User logins | Holds information about external authentication providers : "Facebook", "Google", etc. |
| Roles | Collections of users : "Admin", "Developer", "Manager", etc. It's used in a roles-based authorization |
| User roles | Contains information about which roles a user is assigned to |
IdentityUser
This class contains 15 properties :
- Email : email address of the user
- EmailConfirmed : boolean value indicating whether the user’s email is confirmed
- PasswordHash : hashed password of the user
- SecurityStamp : random string value that changes whenever the user credentials change
- PhoneNumber : phone number of the user
- PhoneNumberConfirmed : boolean value indicating whether the user’s phone number is confirmed
- TwoFactorEnabled : boolean value indicating whether the two factor authentication is enabled for the user
- LockoutEndDateUtc : end date of the user’s lockout
- LockoutEnabled : boolean value indicating whether the user can be locked out
- AccessFailedCount : number of failed access attempts of the user
- Roles : roles assigned to this user
- Claims : claims of the user
- Logins : login accounts of the user
- Id : id of the user
- UserName : user name of the user
IdentityRole
This class contains 3 properties :
- Users : users who are in this role
- Id : id of the role
- Name : name of the role
IdentityUserLogin
This class contains 3 properties :
- LoginProvider : login provider of the login
- ProviderKey : provider key of the login
- UserId : user id of the login
IdentityUserClaim
This class contains 4 properties :
- Id : id of the claim
- UserId : user id assigned to this claim
- ClaimType : type of the claim
- ClaimValue : value of the claim
IdentityUserRole
This class contains 2 properties :
- UserId : id of the user that belongs to the role
- RoleId : id of the role assigned to the user
Stores
In ASP.NET Identity there are 2 types of stores : UserStore and RoleStore.
The UserStore class implements the following interfaces :
IUserStore
This interface contains 5 methods :
- Create a user
- Delete a user
- Find a user by Id
- Find a user by username
- Update a user
IUserPasswordStore
This interface contains 3 methods :
- Get a user's password
- Check if a user has a password
- Set a user's password
IUserRoleStore
This interface contains 4 methods :
- Add a user to a role
- Get all roles of a user
- Check if a user is in a role
- Remove a user from a role
IUserClaimStore
This interface contains 3 methods :
- Add a claim to a user
- Get all claims of a user
- Remove a claim from a user
IUserLoginStore
This interface contains 4 methods :
- Add a login to a user
- Find a user by login
- Get all logins of a user
- Remove a login from a user
IUserPhoneNumberStore
This interface contains 4 methods :
- Get a user's phone number
- Check if a user's phone number is confirmed
- Set a user's phone number
- Set whether a user's phone number is confirmed or not
IUserEmailStore
This interface contains 5 methods :
- Find a user by email
- Get a user's email
- Check if a user's email is confirmed
- Set a user's email
- Set whether a user's email is confirmed or not
IUserSecurityStampStore
This interface contains 2 methods :
- Get a user's security stamp
- Set a user's security stamp
IUserTwoFactorStore
This interface contains 2 methods :
- Check if a user's two factor authentication is enabled
- Set whether a user's two factor authentication is enabled or not
IUserLockoutStore
This interface contains 7 methods :
- Get a user's current failed access attempts
- Check if a user can be locked out
- Get a user's lockout end date
- Increment a user's current failed access attempts
- Reset a user's current failed access attempts
- Set whether a user can be locked out or not
- Set a user's lockout end date
IQueryableUserStore
This interface contains a property that holds the queryable users.
The RoleStore class implements the following interfaces :
IRoleStore
This interface contains 5 methods :
- Create a role
- Update a role
- Delete a role
- Find a role by Id
- Find a role by name
IQueryableRoleStore
This interface contains a property that holds the queryable roles.
Managers
In ASP.NET Identity there are 3 types of managers : UserManager, RoleManager and a SignInManager.
| UserManager | Performs user-related operations by calling the UserStore |
| RoleManager | Performs role-related operations by calling the RoleStore |
| SignInManager | Performs sign-in operations for users |
Note : As we said in the previous section, ASP.NET Identity is based on Entity Framework Code First. If you don't want to use Entity Framework for persistance, you can create your own persistence mechanism by implementing the above interfaces in your customized classes. In these tutorials, we are going to use the default implementation.