A starting web template that manages registrations and logins for multiple users. It includes different mechanisms such as using SSO login for Google accounts, and OTP authentication using an Authenticator app device, such as Microsoft or Google Auth.
UserManagementAdmin.mp4
- Visual Studio 2019 or later
- Microsoft .NET SDK v5.0.400
- SQL Server 2019 or later
- SQL Server Management Studio
Make sure you select x64 version of the architecture
Open the Solution in Visual Studio
Configure local path for Database
Expand the TemplateRESTful.API and TemplateRESTful.Web folders
- Open the appsettings.json file
- Replace the following database settings
Server=myServerAddress;Database=myDataBase;with the correct settings for your Database Server
Data Source=SQL_SERVER\\SQL_DATABASE;Initial Catalog=DATABASE_NAME;Populate the Database with initial data
-
Click on Tools in the program menu bar
-
Then go to NuGet Package Manager and click on Package Manager Console
-
Run the following command to seed database
update-database -context IdentityContext
update-database -context ApplicationDbContextNote: Make sure to select, TemplateRESTful.Persistence option to avoid errors.
Select a Project to load the API or Web
Right click on the project solution, and select Set as a Startup Project
Run and build the API or Web
Select the TemplateRESTful.API or TemplateRESTful.Web, then click on IIS Express
-
Enable 2-step verification in your gmail settings
-
After clicking on App Password Options, set a password and click on Generate button to get the sign in passcode
-
Inside the appsettings.json file, replace email settings
"EmailConfiguration": {
"From": "business.email@gmail.com",
"SmtpServer": "smtp.gmail.com",
"Port": 465,
"Username": "business.email@gmail.com",
"Password": "xxxx xxxx xxxx xxxx"
},-
Create a new app in Google Cloud Platform, and install the External Identity ProviderNuGet package
-
Inside the appsettings.json file, replace auth settings
"Authentication": {
"Google": {
"ClientId": "0000000000000-xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx.apps.googleusercontent.com",
"ClientSecret": "GXXXXX-XXXX_XXXXXXXXXXXXXXXXX_GXXXX"
}
},Click for step by step for instructions, how to generate your ClientId and ClientSecret
- 1. User registrations - Multiple users can register an account at the same or different times.
- 2. User confirmations - Each user can login and confirm their account by clicking a secure link.
- 3. User profile - Each user can access, and change personal information on their profile.
- 4. User credentials - Each user can securely reset their password if they forgot their passkey.
- 5. User SSO login - Some users can login to the application using their Google account.
- 6. User enable 2FA - Each user can enable two factor authentication by scanning a QR code.
- 7. User 2FA Access - Some users can login using a OTP access code provided by Authenticator.
- 8. User recovery access - Each user can access recovery tokens when unable to login using 2FA.
- 1. Admin authentication - Admin user can login to application by using Email generated access code.
- 2. User registrations - Admin user can see User registration information, such as active status
- 3. User login attempts - Admin can see User failed login attempts logs, such as Id and login time.
- 4. User privileges - Admin can grant or deny access to User accounts that violated login policy.
| API | Description | HTTPS(GET) | HTTPS(POST) |
|---|---|---|---|
| RegisterUser | Public user can sign-up for an account | No | Yes |
| LoginUser | Account user can make a login request | No | Yes |
| LogoutUser | Public user can end current session | Yes | No |
| ResetPassword | Public user can change their password | Yes | Yes |
| API | Description | HTTPS(GET) | HTTPS(POST) |
|---|---|---|---|
| ConfirmAccount | Account user can confirm their account | Yes | Yes |
| VerifyAccount | Account user can use contact number to verify | No | Yes |
| API | Description | HTTPS(GET) | HTTPS(POST) |
|---|---|---|---|
| ProfileAccounts | Admin user can see a list of account profiles | Yes | No |
| ProfileAccount | Admin user can see account profile information | Yes | No |
| API | Description | HTTPS(GET) | HTTPS(POST) |
|---|---|---|---|
| AuthorizeAdmins | Admin user can request authorization access code | No | Yes |
| AuthenticateAdmins | Admin user can validate authorization access code | No | Yes |
This project has been built using AdminLTE UI template, to launch a quick demo, and contains some custom styles.
Distributed under the MIT License. See LICENSE for more information.