Authentication Registration Page

Our authentication set up needs three pages, a register page, a signin page and a signout page.

Set Up the Model

Registration will be build around the following model. Add the model to your Models folder.

Models/Register.cs

No need to run a migration as the table for this data was created in the last step.

Set up the Security Controller

To keep the logic maintainable we'll create a new Controller for the security features of the applications.

Create a new Controller as Controllers/SecurityController.cs:

CONTROLLER: Controllers/SecurityController.cs

using System;
using System.Collections.Generic;
using System.Linq;
using System.Threading.Tasks;
using Microsoft.AspNetCore.Mvc;
using MyApp.Models;
using MyApp.Security;
using Microsoft.AspNetCore.Identity;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc.Rendering;

namespace MyApp.Controllers
{
    public class SecurityController : Controller
    {

private readonly UserManager<AppIdentityUser> userManager;
        private readonly RoleManager<AppIdentityRole> roleManager;
        private readonly SignInManager<AppIdentityUser> signinManager;

public SecurityController(UserManager<AppIdentityUser> userManager, RoleManager<AppIdentityRole> roleManager,
            SignInManager<AppIdentityUser> signinManager)
        {
            this.userManager = userManager;
            this.roleManager = roleManager;
            this.signinManager = signinManager;
        }

public IActionResult Register()
        {
            return View();
        }

[HttpPost]
        [ValidateAntiForgeryToken]
        public IActionResult Register(Register obj)
        {
            if (ModelState.IsValid)
            {
                if (!roleManager.RoleExistsAsync("Manager").Result)
                {
                    AppIdentityRole role = new AppIdentityRole();
                    role.Name = "Manager";
                    IdentityResult roleResult = roleManager.
                    CreateAsync(role).Result;
                }

AppIdentityUser user = new AppIdentityUser();
                user.UserName = obj.UserName;
                user.Email = obj.Email;
                user.FullName = obj.FullName;
                user.BirthDate = obj.BirthDate;

IdentityResult result = userManager.CreateAsync
                (user, obj.Password).Result;

if (result.Succeeded)
                {
                    userManager.AddToRoleAsync(user, "Manager").Wait();
                    return RedirectToAction("SignIn", "Security");
                }
                else
                {
                    ModelState.AddModelError("", "Invalid user details");
                }
            }
            return View(obj);
       		}
	}
}

Notice that a role of manager is hard coded into this example.

Next add a View Pages/Secure/Register.cshtml

VIEW: Views/Security/Register.cshtml

@model Register
@{
    Layout = "_CMS";
}

<h2>Create New User Account</h2>
    <form method="post">
     <table>
     <tr>
     <td><label asp-for="UserName"></label></td>
     <td><input type="text" asp-for="UserName" /></td>
     </tr>
     <tr>
     <td><label asp-for="Password"></label></td>
     <td><input type="password" asp-for="Password" /></td>
     </tr>
     <tr>
     <td><label asp-for="ConfirmPassword"></label></td>
     <td><input type="password" asp-for="ConfirmPassword" /></td>
     </tr>
     <tr>
     <td><label asp-for="Email"></label></td>
     <td><input type="text" asp-for="Email" /></td>
     </tr>
     <tr>
     <td><label asp-for="FullName"></label></td>
     <td><input type="text" asp-for="FullName" /></td>
     </tr>
     <tr>
     <td><label asp-for="BirthDate"></label></td>
     <td><input type="date" asp-for="BirthDate" /></td>
     </tr>
     <tr>
     <td colspan="2">
     <button type="submit">Create</button>
     </td>
     </tr>
     </table>
     <div asp-validation-summary="All" class="message"></div>

</form>

Run the application and browse to https://localhost:44354/Security/Register. Fill out the form to create a new user.

By default, Identity requires that passwords contain an uppercase character, lowercase character, a digit, and a non-alphanumeric character. Passwords must be at least six characters long.

Option can be configured see the Microsoft Documentation.

Currently the View/Security/SignIn that the registration will redirect to does not exist. We'll do that shortly.