Remove direct calls to User.Identity.GetUserId() from skeleton ASP.Net Web Application

When you choose to create a new ASP.Net Web Application project in Visual Studio 2013, the skeleton code it generates for the ManageController is littered with calls to User.Identity.GetUserId() T...

Id #2502 | Release: None | Updated: Tue at 6:03 PM by paulhickman | Created: Tue at 6:03 PM by paulhickman

Make store methods virtual on the interfaces

In 3.0 we make all the store methods virtual. We should port these changes to 2.2 as well

Id #2487 | Release: None | Updated: Jan 19 at 10:17 PM by raspranav | Created: Jan 14 at 7:10 PM by raspranav

Make UserManager.UpdatePasswordInternal() protected virtual or make IPasswordHasher templated with access to TUser

My password hashing algorithm has a dependency on salt data that is unique per user. Unfortunately the current implementation of UserManager and IPasswordHasher makes it impossible to elegantly imp...

Id #2482 | Release: None | Updated: Jan 19 at 10:18 PM by raspranav | Created: Jan 14 at 2:33 AM by Corillian

Issue adding roles to a user

Hi, I have a issue adding a user to a role or getting, actual user roles. I'm detected a issue in my IdentityUserRoles table. It has 4 columns instead 2 (RoleId, UserId, ApplicationUser_Id and Iden...

Id #2311 | Release: None | Updated: Tue at 5:57 PM by suhasj | Created: Jul 9, 2014 at 10:04 AM by JaCk0

How do you Mock Find method with EF6.1?

This article shows you how to mock with EF6.1, which I have working, except with the 'Find' method (which always returns null when testing with a mock). Working with the 'Find' method is not addr...

Id #2210 | Release: 2.1 | Updated: May 12, 2014 at 10:48 PM by raspranav | Created: May 10, 2014 at 3:12 AM by Joe_CP

LogIn Fails after new users is created

Dim user As ApplicationUser = manager.Find(Email.Text, Password.Text) User is always nothing I am using an SQL server database and the user is in the database. Is there any way to debug this to se...

Id #2176 | Release: None | Updated: Tue at 8:09 PM by paulmcohen | Created: Apr 24, 2014 at 8:29 AM by paulmcohen

[Samples][Bug][Security] valid UserID is disclosed via lockout

Lockout is not enforced when the UserID is not valid, therefore a dictionary attack discloses which UserID's are valid and invalid. Please add lockout when UserID is not valid. To repro: install t...

Id #2161 | Release: 2.1 | Updated: Jun 24, 2014 at 1:11 PM by RenZtaW | Created: Apr 16, 2014 at 11:12 PM by RickAndMSFT

Missing UNIQUE index on AspNetUserLogins table

In ASP .NET Identity 2.0 you have the following function in the UserStore class: public Task<User> FindAsync(UserLoginInfo login) { } It's goal is to return a user if it finds a reco...

Id #2160 | Release: 2.2.0-alpha1 | Updated: Aug 25, 2014 at 10:22 PM by HaoK | Created: Apr 16, 2014 at 9:13 PM by MattOl

[Samples package] Consider separating email and username

In the current samples we assume the username and email to be same. We can re think of separating the two.

Id #2145 | Release: None | Updated: Aug 2, 2014 at 9:58 PM by MrKazoo | Created: Apr 3, 2014 at 6:26 PM by suhasj

Look into perf enhancements for Asp.Net Identity

Tracking bug to look into perf results and enhancements

Id #2075 | Release: None | Updated: Aug 22, 2014 at 7:40 PM by suhasj | Created: Mar 4, 2014 at 10:33 PM by suhasj