Contribute to Docs Contribute to Docs

Identity Authentication

Identity Security is a basic implementation using AspNetCore.Identity for user management and authentication. You can use this implementation for production scenarios where you want to host the security packages together with the application.

Installation

As AspNetCore.Identity uses auto increment columns for primary key the migration code for creating the database schema is database dependent. This means you need to include different NuGet packages depending on what database provider you're using. The currently available packages are:

SQLite
> dotnet add package Piranha.AspNetCore.Identity.SQLite
SQLServer
> dotnet add package Piranha.AspNetCore.Identity.SQLServer
MySQL
> dotnet add package Piranha.AspNetCore.Identity.MySQL

Registering The Service

You register Identity Security in ConfigureServices(). There are two methods available for adding the services, AddPiranhaIdentity and AddPiranhaIdentityWithSeed. The later of them seeds the default admin user with username admin and password password. How you register the service is also dependent on which database provider you use:

SQLite

With default seed

public void ConfigureServices(IServiceCollection services)
{
    services.AddPiranha(options =>
    {
        options.UseIdentityWithSeed<IdentitySQLiteDb>(db =>
            db.UseSqlite(...));
    });
}

Without seeding default user

public void ConfigureServices(IServiceCollection services)
{
    services.AddPiranha(options =>
    {
        options.UseIdentity<IdentitySQLServerDb>(db =>
            db.UseSqlite(...));
    });
}

SQLServer

With default seed

public void ConfigureServices(IServiceCollection services)
{
    services.AddPiranha(options =>
    {
        options.UseIdentityWithSeed<IdentitySQLServerDb>(db =>
            db.UseSqlServer(...));
    });
}

Without seeding default user

public void ConfigureServices(IServiceCollection services)
{
    services.AddPiranha(options =>
    {
        options.UseIdentity<IdentitySQLServerDb>(db =>
            db.UseSqlServer(...));
    });
}

Configuring Identity Options

When registering the service you can also provide custom IdentityOptions.

public void ConfigureServices(IServiceCollection services)
{
    services.AddPiranha(options =>
    {
        options.UseIdentity<...>(db => ...,
            identityOptions: io => {
                // Add your custom identity options here
            }
        );
    });
}

Default Identity Options

These are the default Identity Options provided. Please note that these are more geared towards development scenarios as it enforces a very low password strength algorithm, and should be changed in production scenarios.

// Password settings
io.Password.RequireDigit = false;
io.Password.RequiredLength = 6;
io.Password.RequireNonAlphanumeric = false;
io.Password.RequireUppercase = false;
io.Password.RequireLowercase = false;
io.Password.RequiredUniqueChars = 1;

// Lockout settings
io.Lockout.DefaultLockoutTimeSpan = TimeSpan.FromMinutes(30);
io.Lockout.MaxFailedAccessAttempts = 10;
io.Lockout.AllowedForNewUsers = true;

// User settings
io.User.RequireUniqueEmail = true;

Configuring Cookie Options

When registering the service you can also provide custom CookieOptions.

public void ConfigureServices(IServiceCollection services)
{
    services.AddPiranha(options =>
    {
        options.UseIdentity<...>(db => ...,
            cookieOptions: co => {
                // Add your custom cookie options here
            });
        );
    });
}

Default Cookie Options

These are the default Cookie Options provided. These should be changed to support HTTPS or maybe change the default login URL if you're running a custom login setup.

co.Cookie.HttpOnly = true;
co.ExpireTimeSpan = TimeSpan.FromMinutes(30);
co.LoginPath = "/manager/login";
co.AccessDeniedPath = "/manager/login";
co.SlidingExpiration = true;