Migrated from 1.1 to 2.0, and I implemented a custom login instead of the lock originally provided.
I have login’s working and signups from external providers working - but where’s the code for registering?
The authentication flows in ASP .NET Core use the built-in OIDC middlewares and the registration/signup of an end-user are not in scope of those middlewares as the requirements will generally vary depending on the identity provider. The case of signups from external social providers is an exception because technically they are mostly the same as an authentication flow (the big difference is that the flow is happening for the first time for that end-user/social provider pair).
In conclusion, for registration of username/password end-users associated with database connection you can use the .NET client library for the Auth0 platform]1. The actual signup is nothing more than an HTTP call to the underlying authentication API endpoint, however, going through the client library will make things more consistent and also simplify the case when you need to call other endpoints. For the registration scenario wou should look into the SignUpUserAsync method available in AuthenticationApiClient.
I’m not sure I understand this. You’re saying that we can’t use your service to manually register users unless we are using a DB on your service?
Why was I able to do that before using the “lock” mechanism?
Sorry, I must be misunderstanding the terminology you’re using. I think I was able to get what I needed by adding the following code. I was confused about the “Connection” attribute under signupuserRequest that I think is name d"Realm" under the login attributes.
Anyway, in case anyone wants to manually register a user using .NET CORE, I believe this works:
[HttpPost]
public async Task<IActionResult> Register(LoginViewModel vm, string returnUrl = null)
{
if (ModelState.IsValid)
{
try
{
AuthenticationApiClient client = new AuthenticationApiClient(new Uri($"https://{_configuration"Auth0:Domain"]}/"));
var signupUserRequest = new SignupUserRequest
{
ClientId = _configuration"Auth0:ClientId"],
Email = vm.EmailAddress,
Password = vm.Password,
Connection = "Username-Password-Authentication",
};
var response = await client.SignupUserAsync(signupUserRequest);
return RedirectToLocal(returnUrl);
}
catch (Exception e)
{
ModelState.AddModelError("", e.Message);
}
}
return View(vm);
}
I’m not sure I understand this. You’re saying that we can’t use your service to manually register users unless we are using a DB on your service?
Why was I able to do that before using the “lock” mechanism?
The registration of username and password user will indeed require a database connection and one is automatically available when creating a new tenant/domain so Lock was likely using that one. I see from your answer that you were able to sort this using the linked sign-up method.
Ya! Thanks.
This actually works much better than the lock. I can parse the response right away and insert anything into our local database that we need. Before I had to wait until a Hook hit our API and I didn’t know if the user was successful or not. This is a much better way to do it. The other way sucked.