ASP.NET Core Identity provides two core classes, namely UserManager and SignInManager, that can be used to register users and enable user sign-in and sign-out operations. We can add an Account controller and specify them in the constructor, which then is automatically dependency injected into the controller through the parameterize controller constructor and it can be used to perform these operations.
UserManager and SignInManager both are generic types and they take the type of the class that derives from IdentityUser (in our case, ApplicationUser). SignInManager internally uses AuthenticationManager and wraps most of the complex parts of the authentication.
Here is the AccountController class, having a constructor taking two parameters:
using Microsoft.AspNetCore.Identity;
public class AccountController : Controller
{
SignInManager<ApplicationUser> _signInManager;
UserManager<ApplicationUser> _userManager;
public AccountController(SignInManager<ApplicationUser>
signInManager, UserManager<ApplicationUser> userManager)
{
_signInManager = signInManager;
_userManager = userManager;
}
}
To register a new user, we can define some methods, such as Register, in our AccountController class and call the SignInAsync method as follows:
[HttpPost]
[AllowAnonymous]
[ValidateAntiForgeryToken]
public async Task<IActionResult>
Register(UserViewModel model)
{
if (ModelState.IsValid)
{
var user = new ApplicationUser { UserName = model.Email,
Email = model.Email,
TwitterHandle = model.TwitterHandle,
LinkedInProfileLink = model.LinkedInProfileLink,
SkypeAccount= model.SkypeAccount };
var result = await _userManager.CreateAsync(user,
model.Password);
if (result.Succeeded)
{
await _signInManager.SignInAsync(user,
isPersistent: false);
return RedirectToAction(
nameof(HomeController.Index), "Home");
}
}
return View(model);
}
In the preceding code, we have defined a Register method that takes UserViewModel as a parameter. UserViewModel contains all the properties needed to register a user. A user can be created by calling the CreateAsync method that takes the user object and password as parameters. If the user is created, we can sign-in the user by calling the SignInManager object that actually signs in the user and sets the authenticated cookie in the browser that can be used for authorization.
CreateAsync contains two overloaded signatures. One that takes a user object and a password as parameters, and another that only takes the user object as a parameter. The difference is that the one that takes the password also stores the password at the time of creation, and the other creates the user with an empty password:
Task<IdentityResult> CreateAsync(ApplicationUser user);
Task<IdentityResult> CreateAsync(ApplicationUser user,
string password);
The SignInAsync method also has two overloaded methods:
Task SignInAsync(ApplicationUser user, bool isPersistent,
[string authenticationMethod = null]);
Task SignInAsync(ApplicationUser user,
Microsoft.AspNetCore.HTTP.Authentication
.AuthenticationProperties authenticationproperties ,
[string authenticationMethod = null]);
The following table shows description of each parameter:
| Parameter | Description |
| ApplicationUser | User object that derives from IdentityUser |
| isPersistent | Gets or sets whether the authentication session is persisted across multiple requests |
| authenticationMethod | Name of the method used to authenticate the user |
| AuthenticationProperties | Properties applied to the login and authentication cookie |
If the user is already registered, we can call the alternative method known as PasswordSignInAsync, as follows:
var result = await _signInManager.PasswordSignInAsync(
model.Email, model.Password,
model.RememberMe, lockoutOnFailure: false);
The PasswordSignInAsync method also has two overloaded methods:
Task PasswordSignInAsync(ApplicationUser user,
string password, bool isPersistent, bool lockoutOnFailure);
Task PasswordSignInAsync(string user,
string password, bool isPersistent, bool lockoutOnFailture);
The difference between these two is obvious. One takes a user object as a first parameter and the other takes a username as a string in the first parameter.
The following table shows a description of each parameter:
| Parameter | Description |
| ApplicationUser | User object that derives from IdentityUser |
| User | Username |
| isPersistent | Gets or sets whether the authentication session is persisted across multiple requests |
| lockoutOnFailure | To set the lockout failure value that locks the account after a specified count of retries |
The Signout operation can be done by calling the SignOutAsync method of the SignInManager object. This clears the cookie from the browser.