Before we start to delve into the code, I want to present a short overview of the end-to-end authentication and authorization flow the user will have with the web application we are building.
Here is a sequence diagram that shows the entire flow:
I've added a new controller whose responsibility is to deal with all the user account operations, such as registration, login, and so on. The AccountController uses the UserManager and SignInManager classes from the ASP.NET Core identity infrastructure. These classes encapsulate all the sensitive user management operations and create the necessary separation between ...