39 - Add Identity to API
Transcript
00:00Guys, let's get this section started.
00:02The first thing that we're going to do is add support
00:05for the authentication libraries to our API.
00:09Authentication slash authorization libraries are built
00:13into.NET Core in the form of this library called Identity.
00:18What we'll do is add that to the API so that
00:22the API knows that it should use
00:25these libraries to facilitate
00:27authentication and authorization activities,
00:30as well as point it to the database that will support
00:34these authentication and authorization
00:37data storage values.
00:39So the difference between authentication
00:42and authorization would be that authentication verifies
00:46who you are, authorization restricts
00:49or allows your activities.
00:52So when you talk about username, password,
00:54use that to authenticate.
00:56Once you have been validated,
00:58then we look at maybe your role or certain permissions
01:01that you have to allow you to do certain things or not.
01:06So with all of that said,
01:08if this is your first time setting up
01:09the authorization libraries or authentication
01:13in a.NET Core project,
01:15then no problem, we can do that together.
01:17If you're familiar with the process,
01:20then this is probably just good practice
01:22for you at this point, right?
01:24So what we'll do in the program.cs file
01:26for the API is start off by saying builder.services.
01:32And then we're going to add identity.
01:34Now you'll notice that you have different identity options
01:39that you can have, but we'll do identity core
01:43because identity core has just the core functionality
01:47that we need and we can add on or not.
01:49We can choose what to include.
01:52And for the simple API, we don't need every single thing.
01:55So we'll just add the core stuff
01:57and include the rest, right?
01:59Now, what it is asking for as a type parameter
02:03would be the data class
02:06that is associated with the user record, right?
02:11So in other words, in identity,
02:14we have a default user type called identity user.
02:19So we don't need to go,
02:20you can go and create a custom user class if you need to.
02:26But you don't necessarily have to
02:27because this one is kind of built in.
02:30And if you need any additional libraries, then you can,
02:35well, actually you shouldn't need any additional libraries
02:38or NuGet packages, but you will notice
02:40that you get this additional using statement
02:42for Microsoft.spnetcore.identity.
02:45So we've added identity core.
02:48We're telling it that we'll be relying on identity user.
02:51If it is a case where you have a different
02:54custom user type that might have additional fields,
02:57then you can extend this user class.
02:58But for simplicity sake, we'll just use the default
03:02because we don't need much more than that.
03:04We can also add additional parameters
03:09to this whole identity setup.
03:10So like I said, identity core allows us
03:12to add certain things.
03:14I think they all do, but this one comes with a bare minimum.
03:17And then if you don't add it, it won't be included
03:19or they won't assume that you'll be using it.
03:22So if you intend to use roles,
03:24then you have to explicitly state
03:25that you intend to use roles.
03:29And then you have the default role type in identity role,
03:35very similar to the identity user, right?
03:38And then at the end of all of that,
03:41I think probably even more important than the add roles
03:44would be to tell it where it should use as its data store.
03:49So we can say add entity framework stores.
03:54And then we need to specify the name of the DB context
03:56that represents our DB store.
03:59So at this point, we need to jump over
04:03to NuGet package manager,
04:04and we're going to look for microsoft.spnetcore.identity.EntityFrameworkCore
04:10So we need this library so that we can support that line.
04:14So once you install that library, that error should go away.
04:18And what this does once again is tell our API
04:22that we're adding identity core relative to this user type.
04:26We're adding support for roles relative to that data type.
04:30And then we're adding the entity framework stores.
04:33So integrate with whatever database
04:36is targeted by this DB context,
04:38which we know at this point would be our car list DB
04:41that we're storing at some central enough location.
04:45So the published API can access it, right?
04:49The next thing that we want to do
04:51is let the DB context know
04:54that it is now supposed to be relative to identity.
04:56So if I jump over to this DB context,
05:00I can modify its inheritance, right?
05:05So right now it's just a simple DB context,
05:08but identity and entity framework
05:11have another type of DB context called identity DB context.
05:17And this identity DB context
05:19comes with the built in functionality
05:21to support all of the tables needed for authentication
05:26and user manipulation in general, right?
05:29So just by changing this inheritance
05:31and after that using statements,
05:34just by changing that inheritance,
05:36I am now telling the DB context that yes,
05:39you are a DB context and these are your tables,
05:41but by default you also have identity related tables
05:46that you should include, right?
05:48So it has all the default functionality and then some.
05:51If we had a custom user type,
05:53meaning we weren't using identity user,
05:56but using something else or an extension of identity user,
06:01then we could easily just specify that additional user here.
06:04But in the absence of it,
06:06it's going to assume that we're going to be using
06:08the default type.
06:10So once we've done all of that,
06:12we need to generate the new tables, right?
06:15So I'm going to go over to the package manager console
06:18and then let me just clear.
06:20And what I'm going to do is add a new migration
06:24and I'll say added identity tables.
06:29Once I do that and give it a few seconds.
06:32And of course the default project needs to be API.
06:36Let's try that again.
06:38And I'm still getting this error.
06:40So just in case you're getting this error,
06:43what I would suggest is that you change the,
06:47you set one of them to start a project.
06:48So I'll just set the API as startup project
06:52and make sure that it is also set inside of this section.
06:57And then let us try that again.
07:00All right, and there we go.
07:02Now we are getting a little warning here.
07:05It's letting us know that there is,
07:08you know, some of our tools have gone out of sync
07:11and it is my recommendation just for ease of use
07:14whenever we're dealing with,
07:15especially when we're dealing with entity framework
07:17and all of these libraries that you keep all of them
07:20up to date and in sync with the versions, right?
07:23So I'll just do that quick update while we're here.
07:27And that was just to address that little warning
07:29that we saw, all right?
07:31So let us look at the migration.
07:34So if we look back at the migration,
07:35then we'll see,
07:36because we already know what a migration is.
07:38It got added to this migrations folder.
07:40We did the initial migration with the initial table
07:44for cars and all the records.
07:46Now we have a new migration
07:48and this one is generating our tables.
07:51So these are default tables that came courtesy
07:54of us changing the inheritance from DB context
07:58to identity DB context.
08:00It was that simple, right?
08:02We're getting tables for roles, tables for users,
08:06a table for role claims and a number of tables
08:09all related to the default functionality built-in
08:12through the identity framework, all right?
08:17So we have all of that.
08:18And just like that,
08:19we have completed the first set of steps required
08:23for adding identity to our API.
08:27So the final thing I'm going to do is update the database.
08:33So now that we have new tables,
08:34go ahead and update the database.
08:36And when that migration is executed,
08:39then we know that we now have all of those new tables
08:44present in our database.
08:45So when we come back,
08:46we're going to look at seeding some default users
08:50and roles into our application.