ASP.NET Identity is referencing CoreWiki.Core directly

[bravecobra]

The code of ASP.NET Identity is using the domain object CoreWikiUser directly. There is also no abstraction of the Identity code, making it impossible to refactor it out to the Application layer.

The issue has been raised before in the Identity repo: aspnet/Identity#883
As that issue states it has been fixed, maybe we need to look what consequences that has for our code and how we can improve it to achieve that separation.

The documentation can help there as well as it show how to create a IUserStore: https://docs.microsoft.com/en-us/aspnet/core/security/authentication/identity-custom-storage-providers?view=aspnetcore-2.1
That takes at least the EF out of the equation. UserManager is going to be trickier, not sure yet whether that is needed. It depends on whether the session lives at the front-end or the back-end. If it's front-end only, then the mobile/API back-end (once created) might need its own depending on the functionality being exposed.

[bravecobra]

Some further reading material: https://docs.microsoft.com/en-us/dotnet/standard/microservices-architecture/secure-net-microservices-web-applications/
I think this is somewhat what we're after. We want the Identity UI in the website and keep the session there, but do the actual authentication in the backend so also a mobile app can use that same auth process to get a token to access the API.