Sorry for the delayed answer .. a bit fussy at the moment :)
IUserIdentity is the minimum interface required to use the Nancy built-in authentication assistants. You can implement this and add as much additional information as you want to your class; it is similar to the .NET IPrincipal standard. If you add your own information, you will obviously have to give your implementation type access to additional fields. We could add the CurrentUser method so you don't do this, but it seems a little redundant.
You can stop reading here if you want, or you can read if you are interested in how auth forms work.
FormsAuth uses the IUsernameMapper implementation (which is probably not specified correctly now) to convert between the Guid user ID stored in the client cookie and the actual user (IUserIdentity). It's worth noting that this GUID should be mapped to the username / id somewhere, but it is not intended for your primary database key; it's just a layer of indirection between your (possibly predictable) identifier / username and the "token" stored on the client. Although cookies are encrypted and HMAC'd (depending on your configuration), if someone can really crack and restore the auth cookie, they will have to guess someone else's GUID to impersonate them, instead of changing the username (to "admin" or something similar) or id (up to 1 for the first user).
Hope this makes sense :)
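An added example, not from the original answer or from the Nancy project, of the pieces described above: a custom IUserIdentity with extra fields, an IUserMapper that resolves the cookie GUID by a random per-user token rather than the database key, and the module-level cast needed to reach the extra fields. AppUser, UserStore, GuidUserMapper, CookieToken and the in-memory user list are assumptions standing in for a real database; the code targets the Nancy 0.x forms authentication API.

```csharp
using System;
using System.Collections.Generic;
using System.Linq;
using Nancy;
using Nancy.Authentication.Forms;
using Nancy.Security;
// IUserIdentity plus application-specific fields (hypothetical type).
public class AppUser : IUserIdentity
{
    public string UserName { get; set; }
    public IEnumerable<string> Claims { get; set; }
    public int DatabaseId { get; set; }   // predictable primary key: never goes into the cookie
    public Guid CookieToken { get; set; } // random per-user token: the only value the cookie carries
}
// Constructed in-memory stand-in for the user table.
public static class UserStore
{
    public static readonly List<AppUser> Users = new List<AppUser>
    {
        new AppUser { DatabaseId = 1, UserName = "admin", Claims = new[] { "admin" }, CookieToken = Guid.NewGuid() },
        new AppUser { DatabaseId = 2, UserName = "alice", Claims = new[] { "user" }, CookieToken = Guid.NewGuid() },
    };
}
// Resolves the GUID from the decrypted cookie; lookup is by CookieToken, so a tampered cookie
// would need another user's unguessable GUID rather than the username "admin" or id 1.
public class GuidUserMapper : IUserMapper
{
    public IUserIdentity GetUserFromIdentifier(Guid identifier, NancyContext context)
    {
        return UserStore.Users.FirstOrDefault(u => u.CookieToken == identifier);
    }
}
public class AccountModule : NancyModule
{
    public AccountModule()
    {
        Post["/login"] = _ =>
        {
            string name = Request.Form.username;   // password check omitted for brevity
            var user = UserStore.Users.FirstOrDefault(u => u.UserName == name);
            if (user == null) return HttpStatusCode.Unauthorized;
            return this.LoginAndRedirect(user.CookieToken);   // only the GUID is written to the cookie
        };
        Get["/profile"] = _ =>
        {
            this.RequiresAuthentication();
            var me = (AppUser)Context.CurrentUser;   // cast to reach the extra fields
            return string.Format("{0} (db id {1})", me.UserName, me.DatabaseId);
        };
    }
}
```

The mapper is wired in from the bootstrapper's RequestStartup by setting FormsAuthenticationConfiguration.UserMapper to a GuidUserMapper and calling FormsAuthentication.Enable(pipelines, config).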