ASP.NET MVC 5 Identity: Authentication and Authorization

Learn how to authenticate and authorize users of your ASP.NET MVC 5 application using login credentials from Facebook, Twitter, Google, Microsoft, and other third-party providers.

Introduction

• Improve user experience with third party authentication
• What you need to know

1. Identity Management

• Membership in ASP.NET
• ASP.NET Identity
• Identity demo
• Authentication vs. authorization
• Common vulnerabilities in applications

2. Authentication

• Understand authentication and authentication options
• Create a new ASP.NET MVC 5 application
• Facebook authentication
• Twitter authentication
• Google authentication
• Microsoft authentication
• GitHub authentication
• Configure Windows authentication
• Email confirmation setup: SendGrid
• Email confirmation in action
• Two-factor authentication with SMS setup: Twilio
• Two-factor authentication with SMS in action

3. Authorization

• Understand authorization and authorization types
• Simple authorization
• Role-based authorization
• View-based authorization
• View-based authorization using the view model

4. Security

• Vulnerability: Object binding vulnerability
• Vulnerability: Dangerous uploaded file type
• Vulnerability: Excessive authentication attempts
• Vulnerability: XSS filter evasion
• Vulnerability: Inclusion of third-party ccripts
• Vulnerability: Cross-site request forgery (CSRF)
• Vulnerability: Open redirect

Conclusion

• Next steps