08 May 2019 07:26
Sometimes, using the full ASP.NET Core Identity framework is overkill for small, one-user applications that require some form of authentication. I'm thinking about blog applications, or web-based utilities that have admin areas that only you should be allowed to reach. All you really want to do is authenticate against a user name and password stored in a config file or similar. You really don't need the ceremony of a database, EF Core, ApplicationDbContexts, SignInManagers, UserManagers etc. This article provides a step-by-step guide to implementing simple authentication using just cookies, while storing credentials securely without a database.