I am trying to implement custom authentication using the new ASP.NET Identity in an MVC 5 project.

I have a single username and password that I want to use to restrict which pages of the website the user can see via [Authorize] tags on controllers and views. (Easy)

I am migrating from a FormsAuthentication model whereby this was as simple as putting the credentials in the web.config.

Because I only have a single username and password I don't want to use a database as the UserStore, instead I want ASP.NET Identity to retrieve the username and password from a custom configurationsection in the web.config (don't worry about that part).

After much search, I can't find a code sample that doesn't rely on a database for ASP.NET Identity authentication.

So i'm looking for a code sample that at the point of authentication, the user can put in custom code to check the username & password against the credentials in the custom ConfigurationSection of the web.config.

Can someone please point me in the right direction thanks.

Update : I've tried looking at this code sample but it doesn't even compile out of the box.. poor. http://code.msdn.microsoft.com/Simple-Aspnet-Identiy-Core-7475a961

Update : The reason that I don't want to use FormsAuthentication is that I am writing a NuGet package that will be installed into a web application. One of the things the NuGet package will do is create a custom ConfigurationSection in the web.config that includes (among other things) a single username and password. I thought this would be safer as it wouldn't alter any existing FormsAuthentication settings currently in the target web application.

Update : I think I have got it working. Will post findings soon.

-- Lee

I now have a working copy of the code here https://github.com/leeenglestone/ASP.NET-Identity-Without-a-Database

It is based heavily on the work already done by Santosh Poojari

-- Lee

You don't have to migrate to Identity framework, FormsAuthentication still works. And Andrew is correct, using Identity framework makes little sense here, since it is all about managing users.

However, if you insist on using it, you can implement your own UserManager and IUserStore. Some guidance can be found in Scott K. Allen blog post. See the links on the bottom - samples of implementations - you can take some of these and convert to your needs.

I would imagine your IUserStore will be simple, because there is only one user and most of the methods don't have to be implemented. And for the ones required (I think you'll need FindUserById and related) you'll need to reach to web.config via ConfigurationManager