Login Audits / has tenant

[fasteddys]

Hello, I can only express a deep thanks, on behald of ASP developers/teachers/students for this. This is the only solution by far that enables a management UI for user/roles and claims OOB, I am using core 6, and it builds fine. I think you have to manually update it & the nugets.

• [ ] Can you please allow for Log-in Audits tables, to view users log-in attempts/success/fail or spoof, ddos, phishing evidence.

public class AuditModel
{
    public int AuditId { get; set; }
    public string Area { get; set; }
    public string ControllerName { get; set; }
    public string ActionName { get; set; }
    public string RoleId { get; set; }
    public string LangId { get; set; }
    public string IpAddress { get; set; }
    public string IsFirstLogin { get; set; }
    public string LoggedInAt { get; set; }
    public string LoggedOutAt { get; set; }
    public string LoginStatus { get; set; }
    public string PageAccessed { get; set; }
    public string SessionId { get; set; }
    public string UrlReferrer { get; set; }
    public string UserId { get; set; }
}

• [ ] Also any chance you can incorporate the ZZZ framework here to filter/has tenant. like so...

https://github.com/MultiTenancyServer/MultiTenancyServer https://www.codingame.com/playgrounds/5514/multi-tenant-asp-net-core-4---applying-tenant-rules-to-all-enitites https://aspnetboilerplate.com/Pages/Documents/Multi-Tenancy https://www.mianquan.net/tutorial/serenity-guide/tutorials-multi_tenancy-filtering_users_by_tenantid.md

// Add Multi-Tenancy Server defining TTenant<TKey> as type Tenant with an ID (key) of type string.
    services.AddMultiTenancy<Tenant, string>()
        // Add one or more IRequestParser (MultiTenancyServer.AspNetCore).
        .AddRequestParsers(parsers =>
        {
            // Parsers are processed in the order they are added,
            // typically 1 or 2 parsers should be all you need.
            parsers
                // www.tenant1.com
                .AddDomainParser()
                // tenant1.tenants.multitenancyserver.io
                .AddSubdomainParser(".tenants.multitenancyserver.io")
                // from partial hostname
                .AddHostnameParser("^(regular_expression)$")
                // HTTP header X-TENANT = tenant1
                .AddHeaderParser("X-TENANT")
                // /tenants/tenant1
                .AddChildPathParser("/tenants/")
                // from partial path
                .AddPathParser("^(regular_expression)$")
                // ?tenant=tenant1
                .AddQueryParser("tenant")
                // Claim from authenticated user principal.
                .AddClaimParser("http://schemas.microsoft.com/identity/claims/tenantid")
                // Add custom request parser with lambda.
                .AddCustomParser(httpContext => "tenant1");
                // Add custom request parser implementation.
                .AddMyCustomParser();
        })

[mguinness]

Apologies for not responding to this when posted. I'll respond now for others that may have similar requirements. To add auditing you can extend SignInManager, see Adding Basic User Auditing To ASP.NET Core for more details. Unfortunately ASP.NET Core Identity was designed for single-tenancy and doesn't support multi-tenancy OOB. There are workarounds like using Finbuckle MultiTenant or ABP Framework, but it might be a better option to instead use Microsoft Entra ID.