Where is Login on App using Identity Server 4?

2
votes

On an ASP.NET Core project with EF Core and ASP Identity I have 3 applications:

  • Web API
    It will be accessed by the Angular 2 application.
    In the future it will also be accessed by mobile applications.

  • ASP.NET MVC as a container for an Angular 2 application.

  • ASP.NET Core Auth with Identity Server 4.

I have a few questions about using Identity Server 4:

  1. The Auth application should be Console or ASP.NET MVC?

  2. Where is the Login page?
    Centralized in Auth application so Auth would be ASP.NET MVC / Angular 2?
    Or a login in the Web Application and one in the Mobile Application?

  3. In case the login page is centralized in Auth application as MVC/Angular2:

    3.1. In the login page I might need to display a phrase from the database.
    So the Auth application can call the API in that case?

    3.2. How does the Auth application verify the username and password?
    Does it access the API to verify it or access directly the database?

1
identityserver4

1 Answers

3
votes

1) Not sure what you mean by "Auth application" but IdentityServer4 is middleware for ASPNET Core. So it will be your central authority for issuing tokens for authorization.

2) The login page would be hosted within The IdentityServer4 ASPNET Core application as a normal web page powered by MVC and Razor. There is a repository with examples here.

3.1) You can do a database call and hydrate the view model with this message when a user gets directed to the login page and access that view model using normal MVC/razor patterns.

3.2) This is up to you, you may inject a repository or store that verifies users and their passwords in the controller or some other service.

If you follow the sample many things will become much clearer. If anything is still confusing let me know.