Using ApplicationUser in MVC application

Question

Can anyone point me at some documentation for best practice on using ApplicationUser in a MVC application?

I have a few classes that I want to base on the ApplicationUser class (for example, an "Employee" class for internal people using the app and a "Client" class to give clients some access too.

Seems that I should be either inheriting from ApplicationUser or referencing it as a foreign key - but I'm not sure a) how to do this or b) what the correct approach is.

(I'm using Code First Entity Framework to scaffold the classes.)

Answer 1

I used this when I was writing a rest API with token based authorization. It also contains good practices of implementing email services, refresh token services and so on. There are 6 articles which are focused on authentication. Once I had to migrate a project from MySql Membership Authorization to Microsoft Identity and I used this as a reference. In terms of architecture (something like CoreModels -> Business logic services/providers -> UI provider) I had a separate project where the authorization module had it's main components such as

1. UserManager
2. RoleManager
3. SignInManager
4. RoleStore
5. UserStore

as well as Providers (you will need them if you want to use Claims-based authorization or OAuth)

I'd advise you to inherit ApplicationUser class and extend it any way you like

public partial class User : IdentityUser<Guid, UserLogin, UserRole, UserClaim>
{
    public decimal Balance { get; set; }

    public string NickName { get; set; }

    public int AnotherEntityId { get; set; }

    [ForeignKey("AnotherEntityId ")]
    public virtual AnotherEntity AnotherEntity { get; set; }

    public virtual ICollection<OtherEntity> OtherEntities { get; set; }

    public User()
    {
        Id = Guid.NewGuid();
    }
}

rather than having 2 tables containing almost similar information about users. Roles will provide you with access restriction functionality (if Client and Employee should have different access levels)