How can i use signInManager in MVC project without using dbcontext and instead communicate with ASP.NET API

Question

So i have a question when i made a MVC project i used signInManager to sign in and also to check identity by checking his role to see if he is a user or admin and it worked with me but my question is how to use it with API + MVC

i have made API and made another MVC project that consume and communicate with that API and i have my database connection string in that API and i wanted to use the signInManager in the MVC project to check identity but it required me to use DBContext but i don't want to have a connection string in my MVC project so is there a solution to check identity without using connection string in MVC and instead communicate and check identity through the API

Answer 1

Please read the following Microsoft document:

Custom storage providers for ASP.NET Core Identity

See the diagram in the above document and description blow:

"To create a custom storage provider, create the data source, the data access layer, and the store classes that interact with this data access layer (the green and grey boxes in the diagram above). You don't need to customize the managers or your app code that interacts with them (the blue boxes above)."

You will be able to use your Web API as the Data Source (the gray box shown in the diagram).

Create custom Data Access Layer and Identity Store (the green boxes in the diagram). Samples are provided in the following pages:

Using your own database schema and classes with ASP.NET Core Identity and Entity Framework Core [http://danderson.io/posts/using-your-own-database-schema-and-classes-with-asp-net-core-identity-and-entity-framework-core/]

Customize ASP.NET Core Identity

The Data Access Layer in the above samples use the Entity Framework Core. Therefore, please rewrite it so that the Identity Store layer can access to your Web API.

The UserManager and SignInManager in the existing Identity Manager layer (the blue box in the diagram) in the ASP.NET Core Identity will interact with the methods in the custom Identity Source.

Answer 2

Certainly! In a scenario where you want your MVC project to interact with an API for authentication and identity checks, you can follow a token-based authentication approach.

1. API Authentication: Ensure your API is set up to issue JWT (JSON Web Tokens) or another token-based authentication. When a user logs in through your MVC project, send credentials to the API, and if valid, the API returns a token.
2. Token Handling in MVC: In your MVC project, store the received token securely (e.g., in a secure cookie or another secure storage mechanism). For subsequent requests to the API, include the token in the Authorization header.
3. Role Checks in MVC: When you need to check roles, you can have an endpoint in your API that checks the role associated with the provided token. Make a request to this endpoint from your MVC project with the token.

Example (assuming your API has an endpoint for role checking):

// MVC Controller action to check user role

public async Task<IActionResult> CheckUserRole()

{

    // Get the token from your secure storage (cookie, etc.)

    string token = GetTokenFromSecureStorage();

    // Call API endpoint for role check

    string apiEndpoint = "https://your-api-domain.com/api/checkUserRole";

    var client = new HttpClient();

    client.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", token);

    HttpResponseMessage response = await client.GetAsync(apiEndpoint);

    if (response.IsSuccessStatusCode)

    {

        // User has the required role

        return View("UserHasRole");

    }

    else

    {

        // User does not have the required role

        return View("UserDoesNotHaveRole");

    }

}

Ensure that your API validates the token on each request and returns appropriate information, such as user roles.

This way, your MVC project doesn't need direct access to the database but relies on the API for authentication and role checks.