How to customize authentication to my own set of tables in asp.net web api 2?

ssuming your table is called AppUser, convert your own AppUser domain object to IUser(using Microsoft.AspNet.Identity) like this

using Microsoft.AspNet.Identity; public class AppUser : IUser { //Existing database fields public long AppUserId { get; set; } public string AppUserName { get; set; } public string AppPassword { get; set; } public AppUser() { this.Id = Guid.NewGuid().ToString(); } [Ignore] public virtual string Id { get; set; } [Ignore] public string UserName { get { return AppUserName; } set { AppUserName = value; } } }

Implement the UserStore object like this

using Microsoft.AspNet.Identity; public class UserStoreService : IUserStore<AppUser>, IUserPasswordStore<AppUser> { CompanyDbContext context = new CompanyDbContext(); public Task CreateAsync(AppUser user) { throw new NotImplementedException(); } public Task DeleteAsync(AppUser user) { throw new NotImplementedException(); } public Task<AppUser> FindByIdAsync(string userId) { throw new NotImplementedException(); } public Task<AppUser> FindByNameAsync(string userName) { Task<AppUser> task = context.AppUsers.Where(                               apu => apu.AppUserName == userName) .FirstOrDefaultAsync(); return task; } public Task UpdateAsync(AppUser user) { throw new NotImplementedException(); } public void Dispose() {         context.Dispose(); } public Task<string> GetPasswordHashAsync(AppUser user) { if (user == null) { throw new ArgumentNullException("user"); } return Task.FromResult(user.AppPassword); } public Task<bool> HasPasswordAsync(AppUser user) { return Task.FromResult(user.AppPassword != null); } public Task SetPasswordHashAsync(AppUser user, string passwordHash) { throw new NotImplementedException(); }  }

If you have your own custom password hashing you will also need to implement IPasswordHasher. Below is an example where there is no hashing of the password(Oh no!)

using Microsoft.AspNet.Identity; public class MyPasswordHasher : IPasswordHasher { public string HashPassword(string password) { return password; } public PasswordVerificationResult VerifyHashedPassword (string hashedPassword, string providedPassword) { if (hashedPassword == HashPassword(providedPassword)) return PasswordVerificationResult.Success; else return PasswordVerificationResult.Failed; } }

In Startup.Auth.cs replace

UserManagerFactory = () => new UserManager<IdentityUser>(new UserStore<IdentityUser>());

with

 UserManagerFactory = () => new UserManager<AppUser>(new UserStoreService()) { PasswordHasher = new MyPasswordHasher() };

In ApplicationOAuthProvider.cs, replace IdentityUserwith AppUser

In AccountController.cs, replace IdentityUser with AppUser and delete all the external authentication methods like GetManageInfo and RegisterExternal etc.