ASP.Net - MVC5 Authentication

Question

Just a few basic questions I have about how authentication works in the template given. When I create a new MVC5 project in visual studio 2013 I see that there are several different types of them one of them being MVC which includes individual user accounts. I create it and visual studio creates all of the scaffolding for the project. I can login and register etc. My questions are the following:

How does the code know which tables to use: for example the tables that were automatically created are:

But in the model account view model: I see that none of the classes use any of the tables names:

namespace HelloLogin.Models
{
    public class ExternalLoginConfirmationViewModel
    {
        [Required]
        [Display(Name = "User name")]
        public string UserName { get; set; }
    }

    public class ManageUserViewModel
    {
        [Required]
        [DataType(DataType.Password)]
        [Display(Name = "Current password")]
        public string OldPassword { get; set; }

        [Required]
        [StringLength(100, ErrorMessage = "The {0} must be at least {2} characters long.", MinimumLength = 6)]
        [DataType(DataType.Password)]
        [Display(Name = "New password")]
        public string NewPassword { get; set; }

        [DataType(DataType.Password)]
        [Display(Name = "Confirm new password")]
        [Compare("NewPassword", ErrorMessage = "The new password and confirmation password do not match.")]
        public string ConfirmPassword { get; set; }
    }

    public class LoginViewModel
    {
        [Required]
        [Display(Name = "User name")]
        public string UserName { get; set; }

        [Required]
        [DataType(DataType.Password)]
        [Display(Name = "Password")]
        public string Password { get; set; }

        [Display(Name = "Remember me?")]
        public bool RememberMe { get; set; }
    }

    public class RegisterViewModel
    {
        [Required]
        [Display(Name = "User name")]
        public string UserName { get; set; }

        [Required]
        [StringLength(100, ErrorMessage = "The {0} must be at least {2} characters long.", MinimumLength = 6)]
        [DataType(DataType.Password)]
        [Display(Name = "Password")]
        public string Password { get; set; }

        [DataType(DataType.Password)]
        [Display(Name = "Confirm password")]
        [Compare("Password", ErrorMessage = "The password and confirmation password do not match.")]
        public string ConfirmPassword { get; set; }
    }
}

I am not seeing the connection between the two and how one would get information from the database using this model

If anyone could please give me a simple example (or a link to a tutorial) of how I would connect the two. Lets say I have an database called: helloLogin with no tables, how would I create the model, controller, and the tables for this? I just don't see the connection between the model and the database and how the tables are structures (or how it knows what name to use when it wants to get data from the table).

Thanks

Answer 1

The connection is in two parts. The first is IdentityDbContext<TUser>, which the context that was scaffolded for you inherits from. It has the following properties:

public virtual IDbSet<IdentityRole> Roles { get; set; }
public virtual IDbSet<TUser> Users { get; set; }

This instructs Entity Framework to create tables for IdentityRole and TUser, which is a generic you fill in when you define your subclass of IdentityDbContext<>. The default is ApplicationUser. What isn't quite so obvious is that any classes related to these two come along for the ride and get their own tables as well, so we need to look at ApplicationUser. However, ApplicationUser is just what you add to it. It's your user, in the sense that it's whatever you make it. The real meat comes from the fact that it inherits from IdentityUser, which is part two of the connection. IdentityUser has the following navigation properties (relationships to other classes):

public virtual ICollection<IdentityUserClaim> Claims { get; }
public virtual ICollection<IdentityUserLogin> Logins { get; }
public virtual ICollection<IdentityUserRole> Roles { get; }

So between the two, you get tables for IdentityUser, IdentityRole, IdentityUserClaim, IdentityUserLogin, and IdentityUserRole. There's your five tables. But, you are probably asking, those aren't the table names. Why is that? Well, that's Microsoft, just customizing the generated table names for no good reason. Well, the reason is most likely because older versions of ASP.NET authentication schemes had table names in that style, so they just continued on that way. I suppose it's debatable whether that's a "good" reason or not.