Thursday, June 30, 2016

VS Item Template for ASP.NET Identity 2.0

ASP.NET Identity does many cool things; a lot more than the old Membership Provider did. I did a project lately that needed to do what the Membership Provider did, Users and Roles. It turns out that the ASP.NET Identity supports Membership, but it is poorly documented.

I looked high and low on the Internet for good examples of ASP.NET Identity doing simple Membership without any extra fluff (my client didn’t want any of it), but did not find any! Since I could not find a good any, I decided to make one and put it on GitHub.

I also built a Visual Studio Item Template that will add most of what you need add and edit roles and users.

The Template

I released my template on my Github account here. It only works with ASP.NET MVC projects created in Visual Studio 2015. It is too stupid to validate that you are using To use my template:

  1. Download from the latest release.
  2. Copy it to <My Documents>\Visual Studio 2015\Templates\Item Templates\Visual C#
  3. Open Developer Command Prompt for VS2015 as administrator
  4. Run devenv /installvstemplates
  5. Open Visual Studio 2015 (don’t use an already opened copy, the template won’t be there)
  6. Create a new project (you can open an existing project as long as it is an ASP.NET MVC project created in VS 2015 or upgraded to ASP.NET Identity 2, VS 2013 projects won’t work, then skip to step 9)
  7. Choose ASP.NET Web Application, name it and click OK
  8. Select the template MVC
  9. Project => Add New Item (or Ctrl+Shift+A)
  10. On the left, select Visual C# then select Forms Auth Role and User CRUD for MVC Project using ASP.NET Identity (better name?)
  11. Follow the instructions in the read me file.

The things I make you do

I wanted to be safe and not touch any of your code, so I am asking you to do it for me.

Create ApplicationRoleManager

The default Visual Studio ASP.NET MVC project is aware of Users but not Roles. You will need to tell it to care about Roels by adding an ApplicationRoleManager. So go to App_Start > Startup.Auth.cs and change the Startup.ConfigureAuth to look like this:

public partial class Startup
public void ConfigureAuth(IAppBuilder app)
// Add this line:

Add links to navigate to User and Roles pages

OK, you have Users and Roles and forms to edit Users and Roles; but how do you get to them? If you are using the default ASP.NET MVC layout, make the main menu in _Layout.cshtml look like this:

<div class="navbar-collapse collapse">
   <ul class="nav navbar-nav">
       <li>@Html.ActionLink("Home", "Index", "Home")</li>
       <li>@Html.ActionLink("About", "About", "Home")</li>
       <li>@Html.ActionLink("Contact", "Contact", "Home")</li>

       @if (Request.IsAuthenticated && User.IsInRole("Admin")) {
<li>@Html.ActionLink("RolesAdmin", "Index", "RolesAdmin")</li>
           <li>@Html.ActionLink("UsersAdmin", "Index", "UsersAdmin")</li>

Create “Seed” User

OK, you have all this wonderful User and Role functionality. The trouble is that you need a user who is in the role “Admin” to add and edit users. I added a special form that will allow you to register one and only one “seed” user who will be a member of “Admin”; if it sees that the role “Admin” already exists, it will send you to an error page. Go to http://yourdomain/seeduser/register and create a your new very first Admin user! After you create your seed user, you can delete SeedUserController and the SeedUser Views (files in /Views/SeedUsers).

Other things to do

If you don’t want to expose any of your site to the outside, make all controllers require authorization with the [Authorize] attribute.

Delete Register page and routes (Including my Register Seed User). In the AccountController, delete (or comment out) both Register methods.

Sunday, May 15, 2016

Notes on Roles with ASP.NET Identity on MVC

How do you handle authentication and authorization (or “security”) on a small scale ASP.NET MVC site? The other day I talked to someone who was experiencing problems with setting up security. He set up a MVC project in Visual Studio and couldn’t get it do what he wanted it to do.

Membership Provider

Back in the day there was the Membership Provider, which was easy to use but isn’t hardened enough for these modern times. But was cool, you could set up users and roles with the ASP.NET Web Configuration Tool, you could control access to Controller methods with the Authorize attribute, so if I wanted Admins to access AdminOnly, I could do this:

        [Authorize(Roles = "Admin")]
        public ActionResult AdminOnly()
            return View();

The guy talked to above probably wanted something that behaves like the Membership Provider.

ASP.NET Identity

The Membership Provider has been replaced by ASP.NET Identity, which supports OAuth, Two-factor authentication and other coolness. My problem: there isn’t any obvious support for roles. All of the web examples deal with the new cool (send email to confirm, login using Facebook, etc.)

I created a MVC site on Visual Studio 2015 Community and poking around ASP.NET Identity, I noticed that many of the parts that support roles

AspNetRoles & AspNetUserRoles Tables

I created a new row in AspNetRoles named “Admin” (id = 1) and added a record in AspNetUserRoles to like 1 of my users in AspNetUsers to the role “Admin”.

Decorate Controller method with proper security

I added this method to my new AccessController (I don’t use ActionResult because I’m basically lazy.):

        [Authorize(Roles = "Admin")]
        public string AdminOnly()
            // I don?t use ActionResult because I?m basically lazy. 
            //Otherwise I?d have to create a View.
            return "Welcome, you are allowed here because you are an Admin!";

1. Without logging on I go to http://localhost:58625/Access/AdminOnly and I get the Login page. Good.

2. Logged in as an administrator and I get to the page. Good.

3. Logged in as a non-administrator and I get the Login page. Weird.

Redirecting to Unauthorized page

OK, you don’t want to go to the Login page when you are logged in and are going to places where you don’t belong. ASP.NET Identity appears to redirect to Login whenever you go to somewhere you don’t belong. It makes the site feel incompetent. So I changed the Login() method in AccountController to:

        public ActionResult Login(string returnUrl)
            if (User != null && User.Identity != null && User.Identity.IsAuthenticated)
                return RedirectToAction("Unauthorized", "Account");
            ViewBag.ReturnUrl = returnUrl;
            return View();

And added

        public ActionResult Unauthorized()
            return View();

And added the appropriate view.

What about administering my users?

Right now I’m doing it in SQL Server. I’m looking into alternatives. More about that later.

Tuesday, March 22, 2016

Future: Audio Games with Amazon Alexa (or Siri)

The other day I attended an AWS user group where a Solutions Architect for Alexa Voice Service spoke about developing for Alexa. She showed off her Amazon Echo and a couple of skills that she had written for Alexa and urged us all to write our own skills with various AWS services.

I’m not a cloud expert, so much of the details went straight over my head.

She also talked about how voice UI and Alexa are new and will end up everywhere, even cars. We could build an Alexa client on a Raspberry Pi today!


Could Alexa run Eliza? When I was in college I learned about Eliza, a program that can respond as a Rogerian psychotherapist (that target was chosen because the natural language processing could be really lame and it would still seam real). After college I bought a 286 computer and found a GWBasic version of Eliza. I played Eliza more like a game, sometimes her responses would make me laugh until it hurts!

The thing that made Eliza so much fun wasn’t the quality of the Natural Language Processing. She could change me to you and you to me and spit the sentence right back to you, track if she had “heard” certain references to your parents and “say” profound things like “I understand”.

I image that the text processing to be wired up as “YOU” and speech synthesis wired to “ELIZA”. I used an online version of Eliza.

Interactive Fiction

Back in the ancient times, in some computer games, you would type commands and the computer would present you with paragraphs of text describing where you are. Why can’t Alexa read the paragraphs to me? I looked around the internet and found a place where I can play Zork online.

Wow! How exciting. Unlike Eliza, Zork has a very limited vocabulary. Looking at the command list I thought I found a way out:

Anyway I was able to wonder around as a ghost. These games where great for the time, a time when 64KB was a huge machine.

Dungeons & Dragons’ Dungeon Master

Eliza is too stupid and classic interactive fiction commands are too primitive. I think the D&D Dungeon Master is a good character for Alixa (or Siri, or Cortana) to play. I’ve listened to Nerd Poker, it is one of many podcasts where people play D&D, they are audio only, so we, as the audience, experience the game without maps.

YOU: Alexa, Dungeon Master
COMPUTER: Welcome to Dungeon Master
YOU: Resume Goldmine
COMPUTER: You are in a timber braced earthen tunnel lit only by the torch you are holding. Up ahead you see a heavy wood door guarded by an orc.
YOU: I take out my sword and approach the door.
COMPUTER: The orc comes toward you displaying his battle axe.
YOU: I attack the orc with my sword

The DM could support higher level commands, In Zork, if I wanted to return to the white house, I would have to the tell the game how to get there (if I can remember). In D&D, I can tell the DM where I want to return to and she would role some dice and tell me if I get back there without any excitement (if she isn’t too uptight); if there is any, she would guide me through any necessary exciting events.

YOU: I would like to return to the Armory
COMPUTER: On the way you meet an orc in the Great Hall.
YOU: I take out my sword.

Future Improvements

Having Alexa’s native voice lead you through a Dungeon would be exciting in the beginning, playing with your ears and all, but after a while, it would get old. What does a future audio games should like? I don’t know, but I would look at other things audio. There is old radio and podcasts, I like the sound of the Black List Table Reads and its Ear Movies could serve a template for the sound design of future audio games.


With audio games it will be possible to play an audio game while you run down bicycles and mow down pedestrians on your way into the ditch as you conquer dragons and orcs! There is a dark side to new technology!

Wednesday, January 22, 2014

I am a Social Media Introvert

This weekend I listened to Hanselminutes #406, Discourse and The Art of Discussion with Jeff Atwood. Well, anyway, Jeff and Scott talked about what social network ninja they were. How their online families are closer than their “real” families.

Since I have taken up Improv, I am less shy than I was before. I’ve learned to act extroverted, I can socialize with non-geeks, I can do scary things like speak in front of people. Blah, blah, blah.

However, I haven’t learned how to be social ON LINE. I have < 50 Facebook friends, most of them either family or from the Spokane Improv community. I haven’t tweeted for over a year, perhaps I will tweet a link to this post. I haven’t written to this blog in half a year. (I did work as a vendor at Microsoft on a secret project, so I was scared to write about tech, but the Siena beta has been out for a month, so why haven’t I written about what’s in the beta?)

So, what is the social media equivalent to improv? Is there something that I can do to get out of my social media like improv got me out of my real life shell? Some great blogger, I can’t remember who, said that you should go forth and write your blog about whatever is on your mind, so I will go forth and blog about not blogging, and here it is.

Saturday, September 28, 2013

The Bing Challenge

I took the Bing Challenge and Bing … didn’t win. Google beat them 4 to 1.

Bing has a prettier results page, but it got some things wrong. I searched for “Improv Spokane” and I got a beautiful map of major Home Improvement stores in Spokane Washington. I know the improv scene in Spokane and I would have expected to see the Blue Door Theatre in the top 3 of that search. It was #1 with Google (and Yahoo!), but below the fold on Bing. Bing did do a better job on “Improv Seattle”.

On the other 4 searches, Bing did an acceptable job, I did vote for Google for all but “Gracie Allen”, but I wouldn’t have been disappointed with any of the 3 other results. To me it feels as if Bing is focusing on the most popular results and going down from there. With its ten years or so head start, Google has built a giant pile of data and logic.

Since I’m a contractor at Microsoft right now, I actually use Bing a fair amount: 90% at work and 25% at home. Even before I got my current job I used Bing 20% of the time. Bing is slowly getting better and that’s a good thing. We need more than Google in the popular search space.

Saturday, August 31, 2013

Humorous Speech

Last week I participated in a humorous speech contest at Toastmasters. I didn’t win, I was second of three.

I can be funny as part of a normal speech, I can get one or two laugh lines I to a 5 to 7 minute speech. Since the purpose of the speech is to be funny, I kinda freak out.

In a humorous speech the audience is expecting me to be funny, so I can’t use the element of surprise. In a normal speech, a failed joke doesn’t necessarily sink the speech.

In a humorous speech the audience is expecting higher joke density. My usual Toastmaster speech has two laugh lines and perhaps an unintentional joke hidden within. So I need to triple my joke count without them sounding forced.

There is a big difference between the fellow who is funny and the comedian; any time the civilian is funny it is a bonus, any time the pro fails to be funny it is a failure.

Wednesday, July 31, 2013

Take Improv after you move

At the beginning of June I moved from Spokane to Bellevue to work at Microsoft. I signed up for improv class with Unexpected Productions even before I left Spokane. This was a brilliant move! The quarter ended last night, which makes me sad. I have already signed up for the 200 level class that starts in September.

Since then I have gone to the Matador (a Mexican themed bar in downtown Redmond) after a couple of my classes, to a couple of shows with some classmates, found a Toastmasters club (again with a couple of classmates who already belong).

Pre-improv Jack would still be hanging out alone in his apartment two months out after moving to a new city. My previous improv experience has given me some better social skills than I had before; improv class creates openness in the students.

If I ever move again I will look for improv classes in my new community. I will start at the beginning (even if I become a player at UP) and move up with my class. My objective isn’t necessarily to become a great improviser, but to have the opportunity to play and become more skilled at dealing with people (as opposed to technology).

I know that both readers of this blog are probably saying “enough of this improv stuff already!” This stuff has worked for me and I am excited about the results. I don’t know that pre-improv would have gotten this job. It has given me the courage to get up in front of people in non-improv situations; I have spoken at a half dozen code camps and I am working the Toastmasters program.

Even if I’m a really bad improviser, it’s worth it.