Secure .NET App with Google Authentication (Step-by-Step)

#dotnet #beginners #webdev #security

When building a web app with login functionality, you’ll often wonder how to handle authentication securely and efficiently. External login providers like Google, Facebook, and LinkedIn offer users a seamless and trusted sign-in experience. Integrating Google login enhances security via OAuth 2.0 and saves you from managing passwords. It also improves usability by letting users log in with accounts they already use.

This guide walks you through adding Google authentication to your ASP.NET Core MVC app step by step.

Step 1: Create an ASP.NET Core MVC Project with Identity

Let’s start by creating the ASP.NET Core MVC application that we’ll be working with.

Follow these steps using Visual Studio:

Open Visual Studio 2022 or later.
Click on Create a new project.
In the project template list, select ASP.NET Core Web App (Model-View-Controller). 👉 Tip: You can search “mvc” in the search box to find it quickly.
Click Next.
Give your project a name, such as JobTracker or JobApplicationPortal.
Choose a location on your computer where the project should be saved, then click Next.
On the Additional Information screen:
- Target Framework: .NET 7 or later
- Authentication Type: Individual Accounts
- Ensure Configure for HTTPS is checked
Click Create.

Once the project is created, run it using Ctrl + F5. You should see a default ASP.NET Core MVC homepage with Register and Login links — this means Identity is successfully configured.

✅ Great! Now that your project is set up, let’s move on to installing the required packages to support Google login.

Step 2: Install Required NuGet Packages

To enable Google login, first install the necessary authentication packages:

Install-Package Microsoft.AspNetCore.Authentication.Google

Also ensure you already have:

Install-Package Microsoft.AspNetCore.Identity.EntityFrameworkCore
Install-Package Microsoft.AspNetCore.Identity.UI
Install-Package Microsoft.EntityFrameworkCore.SqlServer
Install-Package Microsoft.EntityFrameworkCore.Tools

💡 These enable ASP.NET Identity, EF Core, and Google OAuth integration.

Step 3: Create Google OAuth Credentials

Head to Google Cloud Console:

Create a new project
Enable "Google Identity Services" API
Go to "OAuth consent screen" → External → Fill app info → Add localhost as authorized domain
Create OAuth credentials
- App type: Web
- Redirect URI: https://localhost:7020/signin-google
Store your client ID/secret securely using these steps:
- Open Visual Studio.
- Right-click your project in Solution Explorer and select Open in Terminal (or use Command Prompt/PowerShell).
- Make sure you're in the folder where your .csproj file is located.
- Run the following command to initialize user secrets if you haven’t already:

dotnet user-secrets init

Store your client ID/secret securely using:

dotnet user-secrets set "Authentication:Google:ClientId" "your-client-id"
dotnet user-secrets set "Authentication:Google:ClientSecret" "your-client-secret"

Step 4: Configure Google Auth in Program.cs

Inside Program.cs, add Google auth after setting up Identity:

builder.Services.AddAuthentication()
    .AddGoogle(options =>
    {
        options.ClientId = builder.Configuration["Authentication:Google:ClientId"];
        options.ClientSecret = builder.Configuration["Authentication:Google:ClientSecret"];
    });

Step 5: Add Google Login Button in UI

In Areas/Identity/Pages/Account/Login.cshtml, below your login form, add:

<div class="mt-6 border-t pt-4">
  <p class="text-sm text-center text-gray-500 mb-4">Or sign in with</p>
  <form asp-page="./ExternalLogin" asp-route-provider="Google" method="post" class="w-full">
    <input type="hidden" name="returnUrl" value="@Model.ReturnUrl" />
    <button type="submit" class="w-full py-2 px-4 bg-red-600 text-white rounded hover:bg-red-700">
      Continue with Google
    </button>
  </form>
</div>