Loading...
Area: Optimizely CMS
Applies to versions: 12 and higher
Other versions:
ARCHIVED This content is retired and no longer maintained. See the version selector for other versions of this topic.

EPiServer CMS UI AspNetIdentity OWIN authentication

Recommended reading 
Note: This documentation is for the preview version of the upcoming release of CMS 12/Commerce 14/Search & Navigation 14. Features included here might not be complete, and might be changed before becoming available in the public release. This documentation is provided for evaluation purposes only.

You can configure the application to use EPiServer AspNetIdentity as the authentication module for managing users and roles. This configuration requires the following NuGet package as a dependency: EPiServer.CMS.UI.AspNetIdentity.

To use and configure EPiServer AspNetIdentity .NET Core-based authentication:

  1. Add the following code to the Startup class:
    using EPiServer.Cms.UI.AspNetIdentity;
    using Microsoft.Extensions.DependencyInjection;
    using EPiServer.Data;
    
    namespace EPiServer.Templates.Alloy.Mvc
    {
      public class Startup
      {
        public void ConfigureServices(IServiceCollection services)
        {
          ...
          services.AddCmsAspNetIdentity<ApplicationUser>(o =>
          {
            o.ConnectionStringOptions = new ConnectionStringOptions()
            {
              ConnectionString = // Connection string 
            };
          });
          ...    
        }
      }
    }

The EPiServer.CMS.UI.AspNetIdentity NuGet package implements the UIUsersManager, UIRoleManager, SecurityEntityProvider and SignInManager providers, which need to be integrated with the Optimizely user interface. This means the users, roles, and access rights can be managed from admin view. There is already by default Login/Logout views in EPiServer.Cms.Shell.UI.

Custom user model

There are two ways to define a custom user model.

  • Inherit from EPiServer.Cms.UI.AspNetIdentity.ApplicationUser, like this:
    public class CustomUser : ApplicationUser
    {
      //your custom properites
    }
  • Inherit from Microsoft.AspNetCore.Identity.EntityFramework.IdentityUser and the EPiServer.Shell.Security.IUIUser interfaces, like this:
    public class CustomUser : IdentityUser, IUIUser
    {
      public string Comment { get; set; }
      public bool IsApproved { get; set; }
      public bool IsLockedOut { get; set; }
    
      [Column(TypeName = "datetime2")]
      public DateTime CreationDate { get; set; }
            
      [Column(TypeName = "datetime2")]
      public DateTime? LastLockoutDate { get; set; }
           
      [Column(TypeName = "datetime2")]
      public DateTime? LastLoginDate { get; set; }
    
      public string PasswordQuestion{get;}
    
      public string ProviderName
      {
        get { return "MyProviderName"; }
      }
    
      [NotMapped]
      public string Username 
      { 
        get { return base.UserName; } 
        set { base.UserName = value; }
      }
    }

After defining a custom user model, you need to configure it in the Startup class, like this:

using EPiServer.Cms.UI.AspNetIdentity;
using Microsoft.Extensions.DependencyInjection;
using EPiServer.Data;

namespace EPiServer.Templates.Alloy.Mvc
{
  public class Startup
  {
    public void ConfigureServices(IServiceCollection services)
    {
      ...
      services.AddCmsAspNetIdentity<CustomUser>(o =>
      {
        o.ConnectionStringOptions = new ConnectionStringOptions()
        {
          ConnectionString = // Connection string 
        };
      });
      ...
    }
  }
}

SecurityEntityProvider 

The EPiServer.CMS.UI.AspNetIdentity implements and registers the UIUserProvider, UIRoleProvider, UISignInManager and SecurityEntity provider in the container. To override them, you need to programmatically register it in the Container, like this:

public class Startup
{
  public void ConfigureServices(IServiceCollection services)
  {
    ...
    services.TryAddTransient<UIUserProvider,  CustomApplicationUserProvider<TUser>>();
    services.TryAddTransient<UIRoleProvider,  CustomApplicationRoleProvider<TUser>>();
    services.TryAddTransient<UIUserManager,   CustomApplicationUIUserManager<TUser>>();
    services.TryAddTransient<UISignInManager, CustomApplicationUISignInManager<TUser>>();
  }
  ...
}
Do you find this information helpful? Please log in to provide feedback.

Last updated: Jul 02, 2021

Recommended reading