ASP.Net MVC 5 Identity Questions

Associate
Joined
25 Feb 2007
Posts
2,062
Location
Bedfordshire
So I have been learning ASP.Net MVC along with Entity Framework from database first perspective.

The identity framework that is included in the project templates looks very interesting and will save me a lot of time as writing these sorts of systems is always a time consuming job. There are a couple of things that I am unsure about and I thought it would be best to ask on here before I dive in using this framework in my next big project.

Firstly, that database that it creates on the fly, can that be my main application database or will I have to run 2 (one for the identity stuff and one for my main app)? Is the framework smart enough not to interfere with the tables that I'll create and manage?

Secondly, I noticed the passwords are stored as a hash (good), but there is no sign of a salt anywhere. Exactly how secure is this hash that is created? Am I going to have to change this hashing mechanism to be more secure?

Thirdly, the user table does not contain all of the information I want to associate with a user. I hoping I'll be able to create another table with a 1 to 1 relationship with this table that'll contain all of the data that I'll need. I cant foresee any issues with this but has anyone else done something like this successfully?

Forthly, I'm going to need a roles and permissions based system in my application. I'm assuming I'll be able to utilise the roles and claims in the identity framework to do this, or will I be better off writing my own implementation?
 
Ah excellent, thanks for all the info, sounds like it will be perfect for my new app. Any other tips in getting to grips with MVC? I've gone through the initial tutorials for it on the Microsoft website and it all seems quite straight forward (and much nicer than web forms).
 
Ok a few more questions :p

1) I want to put all of my models into a class library including all of the identity models that were created for me.

2) How do I go about changing the connection string that is created for me by the identity framework? I need it to point to an existing database on an SQL Server 2016 instance.

I attempted point 1 and this obviously gave me a lot of compile errors which were easy to fix (namespaces needing updating). I placed the provided con string into the app.config but I got a context error when trying to register on the site. I'm pretty sure this was a connection string issue, hence question 2.

I tried to fix this by setting the DefaultConnection to the same as my edmx connection string but just got a wall of red errors :| . Any pointers would be appreciated.
 
Back
Top Bottom