I want to use AspNetCore.Identity for my backend. I am using MongoDb, so I am creating a custom UserStore implementation. It is my first time setting this up and I am a little uncertain about the following aspects:
- Claims without roles: Can I skip everything about roles (e.g., no RoleManager, no implementation of Role related interfaces in the UserStore)?
- Registering: Am I missing any interfaces which I would need to add to my IdentityBuilder? I did not find clear explanation which aspects I need for my case as a lot of examples were either too simplistic or extremely complex.
- Claims for auth: Am I setting up the usage of claims for authorization correctly?
This is how I plan setup all identity related aspects:
public static IdentityBuilder AddIdentityStore
(this IServiceCollection services, Action<IdentityOptions> setupIdentityAction)
{
var builder = services.AddIdentityCore<MyUser>()
.AddUserStore<MyUserStore>()
.AddUserManager<UserManager<MyUser>>()
.AddDefaultTokenProviders();
var sp = services.BuildServiceProvider();
var db = sp.GetService<IDatabase>();
if (db == null)
{
throw new ArgumentNullException(nameof(db), "Database not available as service");
}
var userCollection = db.GetCollection<MyUser>(nameof(MyUser));
services.AddSingleton(s => userCollection);
services.AddTransient<IUserStore<MyUser>>(s => new MyUserStore(userCollection));
return builder;
}
And this is how I then plan to use the claims on the user for authentication
builder.Services.AddAuthorization(options =>
{
options.AddPolicy("HasAbc", policy => policy.RequireClaim("Abc"));
});
Thanks for your help!