A starting web template that manages registrations and logins for multiple users. It includes different mechanisms such as using SSO login for Google accounts, and OTP authentication using an Authenticator app device, such as Microsoft or Google Auth.

• Visual Studio 2019 or later
• Microsoft .NET SDK v5.0.400
• SQL Server 2019 or later
• SQL Server Management Studio

Make sure you select x64 version of the architecture

Open the Solution in Visual Studio

Configure local path for Database

Expand the TemplateRESTful.API and TemplateRESTful.Web folders

2. Open the appsettings.json file

3. Replace the following database settings

Server=myServerAddress;Database=myDataBase;

with the correct settings for your Database Server

  Data Source=SQL_SERVER\\SQL_DATABASE;Initial Catalog=DATABASE_NAME;

  update-database -context IdentityContext
  update-database -context ApplicationDbContext

Select a Project to load the API or Web

Right click on the project solution, and select Set as a Startup Project

Run and build the API or Web

Select the TemplateRESTful.API or TemplateRESTful.Web, then click on IIS Express

1. Enable 2-step verification in your gmail settings

2. After clicking on App Password Options, set a password and click on Generate button to get the sign in passcode

3. Inside the appsettings.json file, replace email settings

  "EmailConfiguration": {
    "From": "[email protected]",
    "SmtpServer": "smtp.gmail.com",
    "Port": 465,
    "Username": "[email protected]",
    "Password": "xxxx xxxx xxxx xxxx"
  },

1. Create a new app in Google Cloud Platform, and install the External Identity ProviderNuGet package

2. Inside the appsettings.json file, replace auth settings

"Authentication": {
    "Google": {
      "ClientId": "0000000000000-xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx.apps.googleusercontent.com",
      "ClientSecret": "GXXXXX-XXXX_XXXXXXXXXXXXXXXXX_GXXXX"
    }
  },

Click for step by step for instructions, how to generate your ClientId and ClientSecret

• 1. User registrations - Multiple users can register an account at the same or different times.
• 2. User confirmations - Each user can login and confirm their account by clicking a secure link.
• 3. User profile - Each user can access, and change personal information on their profile.
• 4. User credentials - Each user can securely reset their password if they forgot their passkey.
• 5. User SSO login - Some users can login to the application using their Google account.
• 6. User enable 2FA - Each user can enable two factor authentication by scanning a QR code.
• 7. User 2FA Access - Some users can login using a OTP access code provided by Authenticator.
• 8. User recovery access - Each user can access recovery tokens when unable to login using 2FA.

• 1. Admin authentication - Admin user can login to application by using Email generated access code.
• 2. User registrations - Admin user can see User registration information, such as active status
• 3. User login attempts - Admin can see User failed login attempts logs, such as Id and login time.
• 4. User privileges - Admin can grant or deny access to User accounts that violated login policy.

This project has been built using AdminLTE UI template, to launch a quick demo, and contains some custom styles.

Distributed under the MIT License. See LICENSE for more information.