brockallen / BrockAllen.MembershipReboot

MembershipReboot is a user identity management and authentication library.

Guidance in moving to asp.net identity? #698

Open nicholas-brooks opened 7 years ago

nicholas-brooks commented 7 years ago

I just saw the updated README stating MembershipReboot will not be maintained going forward.

Does anyone have any pointers or guidance in moving a deployed MembershipReboot instance to ASP.NET Identity (presumably core version)?

BTW, thanks Brock for MembershipReboot. It really helped my team meet customer expectations.

brockallen commented 7 years ago

I would like to build a migration helper (if I had the time). As of now, I don't have the time. If someone wants to start one, I'm happy to review any part of it.

ghost commented 7 years ago

I second the thanks, Brock. MR has been a huge time saver and looking through its source has taught me a lot. Much appreciated.

I'm also interested in this migration helper. Totally understand about not having time to write it. Do you think you might have time to describe the major components of the helper at a high level? Stuff like:

This would definitely help point folks like me in the right direction.

Thanks again!

brockallen commented 7 years ago

Thanks. No timeline yet on a migration tool (since no direct customers need it right now). But yea, basically what's needed is to look at the 2 object models and find out how to map from one to the other. Many of the concepts are the same, but some don't map.

ghost commented 7 years ago

Makes sense. Do you see the migration as a one-time execution type of deal? Or do you think we'll have to wait till each user logs in and then transition them over during the session? I ask because I'm not sure how the transition of the password would work (I imagine ASP.NET doesn't have an identical cryptographic scheme, schema etc).

brockallen commented 7 years ago

You can plug in your own hashing logic in AspId3, so that logic could be carried over.

AKlaus commented 7 years ago

@brockallen, could you please confirm that you meant ASP.NET Core Identity as a way to move on? And would you still advise to use MR to the .NET developers (not .NET Core)?

Robban1980 commented 7 years ago

I recently did the move from IdentityServer3 and MR to IdentityServer4 and AspNet Identity 3. And it was quite painless. Given I have not been using all functionality in MR, but still really easy.

To not make any difference for the users, I implemented a custom password validator that can handle both old MR hashes and the new ones for Identity 3. Then the password transition part can be done gradually as the users change passwords.
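A sketch of the dual-format hasher described in this comment, added as an example; it is not Robban1980's code and not part of MembershipReboot. It assumes stored MR hashes have the form `<hex iteration count>.<base64 of 0x00 | 16-byte salt | 32-byte PBKDF2-HMAC-SHA1 key>` (check this against your own rows), and the class name `DualFormatPasswordHasher` is hypothetical.

```csharp
using System;
using System.Globalization;
using System.Security.Cryptography;
using Microsoft.AspNetCore.Identity;
using Microsoft.Extensions.Options;

// Added example: verifies legacy MR hashes and native ASP.NET Core Identity hashes.
public class DualFormatPasswordHasher<TUser> : PasswordHasher<TUser> where TUser : class
{
    public DualFormatPasswordHasher(IOptions<PasswordHasherOptions> options = null)
        : base(options) { }

    public override PasswordVerificationResult VerifyHashedPassword(
        TUser user, string hashedPassword, string providedPassword)
    {
        // ASSUMPTION: legacy values contain a '.' separator. '.' is not a base64
        // character, so it cannot occur in a native Identity hash.
        int dot = hashedPassword?.IndexOf('.') ?? -1;
        if (dot <= 0)
            return base.VerifyHashedPassword(user, hashedPassword, providedPassword);

        // Success keeps the legacy hash until the user changes password (new
        // hashes come from the base HashPassword). Returning SuccessRehashNeeded
        // instead makes UserManager re-hash at the next successful sign-in.
        return VerifyLegacy(hashedPassword.Substring(0, dot),
                            hashedPassword.Substring(dot + 1), providedPassword)
            ? PasswordVerificationResult.Success
            : PasswordVerificationResult.Failed;
    }

    private static bool VerifyLegacy(string hexIterations, string base64, string password)
    {
        if (!int.TryParse(hexIterations, NumberStyles.HexNumber,
                          CultureInfo.InvariantCulture, out int iterations) || iterations <= 0)
            return false;

        byte[] blob;
        try { blob = Convert.FromBase64String(base64); }
        catch (FormatException) { return false; }

        // ASSUMED layout: version byte 0x00, 16-byte salt, 32-byte derived key.
        if (blob.Length != 49 || blob[0] != 0x00) return false;
        byte[] salt = blob.AsSpan(1, 16).ToArray();
        byte[] expected = blob.AsSpan(17, 32).ToArray();

        byte[] actual = Rfc2898DeriveBytes.Pbkdf2(
            password, salt, iterations, HashAlgorithmName.SHA1, 32); // .NET 6+
        return CryptographicOperations.FixedTimeEquals(actual, expected);
    }
}
```

Register the class as the `IPasswordHasher<TUser>` service for your user type so that `UserManager` picks it up in place of the default hasher.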

justSteve commented 7 years ago

@Robban1980 I'm facing the same task and am hoping you could expand on the steps taken a bit.

Robban1980 commented 7 years ago

@justSteve it would be easier to answer if you had specific questions. :)

The basic thing I did was setting up the DB for AspNet Identity to be able to see what it looked like and how I should do the migration of the users. There are some differences between the databases; roles and claims can be mapped quite easily. Token generation is done in AspNet Identity, so these no longer need to be stored in the DB, unless you want to do something custom with them. AspNet Identity has most of what MR offers; if it does not have something specific, it can easily be added.

TheeJamesLee commented 7 years ago

@Robban1980 this is something that we are going to have to do shortly. I was wondering if you were able to share the custom password validator and more detail around the defined steps you took for the migration, with any chance example code if there was anything specific?

I'm just thinking as well that more and more developers are going to need to do this so would be ace if we could put something together to let more people take advantage of the move and make it easier for the masses. :)

So I think the main steps from reading this (and from the top of my head).

*'existing' = MembershipReboot ||| 'newer' = AspNet Identity

1) Create AspNet Identity solution + custom password validator that can handle 'existing' account passwords and 'newer' account passwords, converting to 'newer' on change password.
2) Create 'newer' fresh database.
3) Migrate 'existing' data into 'newer' database (Or did you change the models in AspNet identity to match the 'existing' data and just point at the DB?)
4) Test
5) Retire 'existing'

Robban1980 commented 7 years ago

@TheeJamesLee no promises, but I will try to throw together an example of a custom password validator implementation for AspNet Identity this week with some instructions, and upload it.

I would recommend transforming your MR data to fit AspNet Identity. You might need to add some new columns to the AspNet Identity User table, as AspNet Identity is very bare-bones. This would be completely from case to case on what you use and not. I did it this way to make AspNet Identity easier to upgrade in the future.

Robban1980 commented 7 years ago

@TheeJamesLee please check here for an example https://github.com/Robban1980/MembershipRebootToAspNetIdentity.PasswordHasher