If you prefer to use Entity Framework, more power to you. After developing my SQL skills for years it just feels "odd" to give them up for what I consider minor convenience. I'm sure that this is some sort of holy war discussion that really, I'm not interested in participating in. Given that, there are some of us out here in the wild that don't want to use ORM's like Entity Framework (or any other for that matter, except of course Dapper). So when I found out that the new security model for ASP.NET called "ASP.NET Identity" had a dependency on EF, I needed a way to remove it.
We have several versions of Identity running without EF (pre source release), some that are older now. At the time of this writing they are on version 2.2.1 and have released the source for ASP.NET Identity, which makes life much easier.
As I talked about in a previous post about the Identity Security Stamp, I suggested that I was working on running without EF, this is the follow up to that post. (TL;DR; - don’t let Security Stamp be null in your database)
Basically I took the default ASP.NET MVC site that is generated with Visual Studio and converted it to use Identity without Entity Framework against a MSSQL database. I use Dapper as the wrapper for the raw SQL. You can use this as an example, or start from it, either way I hope somebody finds it useful.
Download the Source https://github.com/jbrozek/Identity.NoEF
This should give you the familiar default project, where you should be able to register, change password, login, logout.
This is used to extend the user profile based on your needs, you can change the table and the class to match your needs. I prefer to extend the user via profile and keep the security items separate.
This is basically a wrapper for the connection string, I find this useful when you enter Dependency injection land.
IdentityModels & GenerateUserIdentityAsync
If you look at the default project it has a .cs file named, IdentityModels. I removed that, and moved the GenerateUserIdentityAsync method over to the IdentityUser class, that just seemed to make more since to me so that a critical piece of security code isn't buried in some model. Just a personal preference.
Feedback? Better Idea? General Comment? Problems?