  • Enable Entity Framework and add dbcontext to the project
  • Add OpenIddict to the project
  • Create authentication controllers
  • Configure authentication services
  • Run the application

Enable Entity Framework and add dbcontext to the project

If you have already added Entity Framework to the project, you can skip the “Enable Entity Framework and add dbcontext to the project” section.

Entity Framework (EF) Core is a lightweight, extensible version of the Entity Framework data access technology. To add EF Core to a project, we would normally install the Microsoft.EntityFrameworkCore package from the NuGet package manager. However, the Microsoft.AspNetCore.App package (check the “.csproj” file) is already installed in our project and it includes EntityFrameworkCore, so there is no need to install EF Core separately.

Otherwise, we should run the below command to install EF Core:

Let’s create our first entity, named ApplicationUser, to hold user information. It is “Best Practice” to create our entities under the Core\Models folder.

Open the ApplicationUser.cs file and modify it as below:

It is “Best Practice” to create the DbContext in a separate folder from Models, so let’s create a Persistence folder and add an ApplicationDbContext.cs file to it:

Modify the ApplicationDbContext.cs file as below:

Open the appsettings.json file and add ConnectionStrings to it (I have SQL Server Express LocalDB 2014 installed on my PC; feel free to change the ConnectionStrings if you have another version of SQL Server installed):

To be able to run EF Core commands we need one more package, named Entity Framework Core .NET Command Line Tools. Run the commands below:

Now that EF Core is installed, let’s configure EF Core in ConfigureServices of Startup.cs. Open the Startup file and add the code below to it:

Now, we should create our first migration.

If you check, you will see the migration folder and its files in your root directory. To update the database, run the command below:

Add OpenIddict to the project

Open MyApp.csproj and add the code below to it, then restore the dotnet project.

Then run the command below:

Create authentication controllers

We need two controllers:

  • Authorization controller

We are going to implement our authorization endpoint in this controller. We will create one action called Exchange, which will handle the /connect/token route that we specified as the authorization endpoint for OpenIddict. To keep the token creation logic separate, we will create another method called CreateTicketAsync.

So, create the AuthController.cs file under the Controllers folder as below.

  • Account Controller

There is one other controller, which manages users and handles tasks such as registration, changing passwords and so on. Before implementing this controller, let’s first create a folder called Resources under the Controllers folder. We will create our API resources in this folder, so let’s create the Register, ForgotPassword, ChangePassword and ResetPassword resources.

  • RegisterResource

  • ForgotPasswordResource

  • ChangePasswordResource

  • ResetPasswordResource

We also need to implement a fake EmailSender, so let’s create a Services folder and create IEmailSender as below:

Then let’s create a FileEmailSender to save emails in a file for now.

Then add it to our services configuration in Startup.cs.

Now we are ready to implement AccountController.cs.
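The file-backed sender described above, as an added example that is not the original post's code: the SendEmailAsync signature, the MyApp.Services namespace and the App_Data/emails.txt location are assumptions. The messages it stores carry password-reset links, so the file is written under the content root, which the static file middleware does not serve, and is meant for development only.

```csharp
using System;
using System.IO;
using System.Threading;
using System.Threading.Tasks;
using Microsoft.AspNetCore.Hosting;

namespace MyApp.Services // assumed namespace, following the Services folder above
{
    // Assumed contract: the post's own interface is not shown on the page.
    public interface IEmailSender
    {
        Task SendEmailAsync(string email, string subject, string message);
    }

    // Development-only sender: appends each message to a local file.
    // Register with: services.AddSingleton<IEmailSender, FileEmailSender>();
    public class FileEmailSender : IEmailSender
    {
        // Serialises writes so concurrent requests cannot interleave entries.
        private static readonly SemaphoreSlim WriteLock = new SemaphoreSlim(1, 1);
        private readonly string _path;

        public FileEmailSender(IHostingEnvironment env)
        {
            // ContentRootPath, not WebRootPath: reset links must never be
            // reachable over HTTP. Folder and file name are assumptions.
            _path = Path.Combine(env.ContentRootPath, "App_Data", "emails.txt");
            Directory.CreateDirectory(Path.GetDirectoryName(_path));
        }

        public async Task SendEmailAsync(string email, string subject, string message)
        {
            if (string.IsNullOrWhiteSpace(email))
                throw new ArgumentException("Recipient is required.", nameof(email));

            // Remove CR/LF from header-like fields so a crafted address or
            // subject cannot forge extra "To:"/"Subject:" lines in the file.
            string Clean(string s) => (s ?? string.Empty).Replace("\r", " ").Replace("\n", " ");

            var nl = Environment.NewLine;
            var entry = $"--- {DateTime.UtcNow:o}{nl}To: {Clean(email)}{nl}" +
                        $"Subject: {Clean(subject)}{nl}{nl}{message}{nl}{nl}";

            await WriteLock.WaitAsync();
            try { await File.AppendAllTextAsync(_path, entry); }
            finally { WriteLock.Release(); }
        }
    }
}
```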

Configure Authentication Services

Now we have our API endpoints for registering and logging in users. The next step is to configure services to enable authentication. Open the Startup.cs file and change the ConfigureServices method as below:

Add app.UseAuthentication() to the Configure method.

Note: You must add it before app.UseMvc().

Don’t forget to add the required using directives for the namespaces to the Startup.cs file.

Run The Application

Let’s test our app. First, run the application.

Then open Postman and create a new POST request to http://localhost:5000/api/auth/register, sending Email, Password, and ConfirmPassword in the body of the form.

If everything goes fine you should see status 200 OK after sending the request.

If we try to log in a user with our API, it will fail with an error that says: Invalid object name ‘OpenIddictAuthorizations’.

We forgot to update our database for the OpenIddict tables, so before we check login, let’s create a new migration and update the database.

Now we are good to go. Create a new request in Postman with the parameters below and send it to http://localhost:5000/connect/token

Don’t forget to set the Content-Type of the request to application/x-www-form-urlencoded.

After sending the request, you should see the response as below:

In the next chapter, we will create sign-in / sign-up components.