EPiServer CMS UI AspNetIdentity OWIN authentication

You can configure the application to use EPiServer AspNetIdentity as the authentication module for managing users and roles. This configuration requires the following NuGet package as a dependency: EPiServer.CMS.UI.AspNetIdentity.

To use and configure EPiServer AspNetIdentity .NET Core-based authentication:

1. Add the following code to the Startup class:
   

   using EPiServer.Cms.UI.AspNetIdentity;
   using Microsoft.Extensions.DependencyInjection;
   using EPiServer.Data;
   
   namespace EPiServer.Templates.Alloy.Mvc
   {
     public class Startup
     {
       public void ConfigureServices(IServiceCollection services)
       {
         ...
         services.AddCmsAspNetIdentity<ApplicationUser>(o =>
         {
           o.ConnectionStringOptions = new ConnectionStringOptions()
           {
             ConnectionString = // Connection string 
           };
         });
         ...    
       }
     }
   }

The EPiServer.CMS.UI.AspNetIdentity NuGet package implements the UIUsersManager, UIRoleManager, SecurityEntityProvider and SignInManager providers, which need to be integrated with the Optimizely user interface. This means the users, roles, and access rights can be managed from admin view. There is already by default Login/Logout views in EPiServer.Cms.Shell.UI.

Custom user model

There are two ways to define a custom user model.

• Inherit from EPiServer.Cms.UI.AspNetIdentity.ApplicationUser, like this:
  

  public class CustomUser : ApplicationUser
  {
    //your custom properites
  }

• Inherit from Microsoft.AspNetCore.Identity.EntityFramework.IdentityUser and the EPiServer.Shell.Security.IUIUser interfaces, like this:
  

  public class CustomUser : IdentityUser, IUIUser
  {
    public string Comment { get; set; }
    public bool IsApproved { get; set; }
    public bool IsLockedOut { get; set; }
  
    [Column(TypeName = "datetime2")]
    public DateTime CreationDate { get; set; }
          
    [Column(TypeName = "datetime2")]
    public DateTime? LastLockoutDate { get; set; }
         
    [Column(TypeName = "datetime2")]
    public DateTime? LastLoginDate { get; set; }
  
    public string PasswordQuestion{get;}
  
    public string ProviderName
    {
      get { return "MyProviderName"; }
    }
  
    [NotMapped]
    public string Username 
    { 
      get { return base.UserName; } 
      set { base.UserName = value; }
    }
  }

After defining a custom user model, you need to configure it in the Startup class, like this:

using EPiServer.Cms.UI.AspNetIdentity;
using Microsoft.Extensions.DependencyInjection;
using EPiServer.Data;

namespace EPiServer.Templates.Alloy.Mvc
{
  public class Startup
  {
    public void ConfigureServices(IServiceCollection services)
    {
      ...
      services.AddCmsAspNetIdentity<CustomUser>(o =>
      {
        o.ConnectionStringOptions = new ConnectionStringOptions()
        {
          ConnectionString = // Connection string 
        };
      });
      ...
    }
  }
}

SecurityEntityProvider 

The EPiServer.CMS.UI.AspNetIdentity implements and registers the UIUserProvider, UIRoleProvider, UISignInManager and SecurityEntity provider in the container. To override them, you need to programmatically register it in the Container, like this:

public class Startup
{
  public void ConfigureServices(IServiceCollection services)
  {
    ...
    services.TryAddTransient<UIUserProvider,  CustomApplicationUserProvider<TUser>>();
    services.TryAddTransient<UIRoleProvider,  CustomApplicationRoleProvider<TUser>>();
    services.TryAddTransient<UIUserManager,   CustomApplicationUIUserManager<TUser>>();
    services.TryAddTransient<UISignInManager, CustomApplicationUISignInManager<TUser>>();
  }
  ...
}

Last updated: Jul 02, 2021