ASP.NET Identity

You can configure the application to use ASP.NET Identity as the authentication module for managing users and roles. This configuration requires the following NuGet package as a dependency: EPiServer.CMS.UI.AspNetIdentity.

To use and configure ASP.NET Identity Core-based authentication, add the following code to the Startup class:

public void ConfigureServices(IServiceCollection services)
{
  ...
  services.AddCmsAspNetIdentity<ApplicationUser>();
  ...    
}

The EPiServer.CMS.UI.AspNetIdentity NuGet package implements the UIUsersManager, UIRoleManager, SecurityEntityProvider, IQueryableNotificationUsers, and SignInManager services, which are needed by the Optimizely user interface. This means the users, roles, and access rights can be managed from the admin view. There is already by default Login/Logout views in EPiServer.Cms.Shell.UI.

Custom user model

There are two ways to define a custom user model.

• Inherit from EPiServer.Cms.UI.AspNetIdentity.ApplicationUser:

  C#

  public class CustomUser : ApplicationUser
  {
  // Your custom properites
  }
  

• Inherit from Microsoft.AspNetCore.Identity.EntityFramework.IdentityUser and the EPiServer.Shell.Security.IUIUser interface:

  C#

  public class CustomUser : IdentityUser, IUIUser
  {
   public string Comment { get; set; }
   public bool IsApproved { get; set; }
   public bool IsLockedOut { get; set; }
  
   [Column(TypeName = "datetime2")]
   public DateTime CreationDate { get; set; }
  
   [Column(TypeName = "datetime2")]
   public DateTime? LastLockoutDate { get; set; }
  
   [Column(TypeName = "datetime2")]
   public DateTime? LastLoginDate { get; set; }
  
   public string PasswordQuestion { get; }
  
   public string ProviderName
   {
       get { return "MyProviderName"; }
   }
  
   [NotMapped]
   public string Username
   {
       get { return base.UserName; }
       set { base.UserName = value; }
   }
  }
  

After defining a custom user model, you need to configure it in the Startup class:

public void ConfigureServices(IServiceCollection services)
{
  ...
  services.AddCmsAspNetIdentity<CustomUser>();
  ...
}

Migration

By default, the EPiServer.CMS.UI.AspNetIdentity provides a built-in ApplicationDbContext class to work with identity entities like Users and Roles. If you want to use EF Core migration for that context, you can configure the migration assembly when calling AddCmsAspNetIdentity() similar to the following:

services.AddCmsAspNetIdentity<ApplicationUser>(configureSqlServerOptions: o => o.MigrationsAssembly(\"Your.Assembly\"));

Then, you can start create migration for the ApplicationDbContext using EF Core Tools:

dotnet ef migrations add InitialCreate

For more information, see EF Core Migration guide.