I'm working with a web application in Asp.Net Core 1 and would like to integrate authentication, I thought of using Stormpath but can not connect to a local database to make the login match.
If there is no way, what choice do I use?
Thank you
Stormpath will store your user accounts, but you can also use a local database to 'relate' to your Stormpath user accounts.
The idea is pretty simple. When you store a user in Stormpath, you'll get back an account object. This object has an href property which is a unique ID for the user.
If you want to create a database table named books, that has an author_id ForeignKey type field, you would define the author_id field as a TEXT field, then store the account href from Stormpath there.
This is how you would 'relate' to Stormpath accounts.
Related
I've built a MVC WebApp using the ASP.NET 2.0 Core MVC template + Individual User Accounts (EF) and notice that the AspNetUsers table in the database created for my WebApp has a non-unique index for Email whereas the UserName index is unique. Further upon account creation UserName is set to the same value as Email, but the user is then allowed to change their Email using the account management page. I am struggling to understand the rationale here.
I would expect each AspNetUser record to relate to a different person. Therefore why not make Email unique? After all, the email confirmation process expects the address to be unique to the user. However, being non-unique means that user might change their email address to one shared by one or more other users e.g. admin#abc.com. Where is the value in such a use case? Indeed, this is behaviour I want to stop on my site.
Questions:
Would changing the AspNetUser Email index to unique have any consequences or otherwise break the framework?
Would allowing the user to change their UserName have any consequences or otherwise break anything? The primary key of AspNetUsers is Id and seems to used as the foreign key by the other identity tables created by the framework.
Can anyone recommend how to check from the account management page (client side) that a new UserName is unique?
I've found other questions on StackOverflow about this sort of thing, but they don't answer the above questions or explain the rationale
asp-net-username-to-email
asp-net-identity-use-email-instead-of-user-name
I'm creating a multi tenant app that something like project management software.
In my structure, there is a User table that excluded from multi tenant.
User comes my sign-up page, fills the subdomain field called Company then I create a schema for this user. So, they can access their account as companyname.example.com. Everything is okay so far.
I also have an Account table to store subdomains with a creator user.
Now, I also created a table for Account permissions. This table includes Account_id and user_id. I did something like that because, user could join more than one Company with same email address.
Conclusion;
User table
Account table
Account_permissions (to check when someone try to login to specific company. Because, they have more then one company.)
Does this make sense ? Do you have any idea in this case ?
I am running into a problem in customizing username table in aspNet Identity.
Currently, i am able to login and register with email.After registration,user's Email is filled in email and username column both. now, i know how to seperate these so that username and email both are unique. i have followed this article.http://marcinjuraszek.com/2014/03/asp-net-identity-2-0-0-username-and-email-separation.html
I have already customized the primary key from string to int.
But, now i want to remove unique constraint on username field also.so that two user's with different email id can have same name ?? I am working on a social application where may be at sometime, the user's count could go up to 100k. then its not possible for every user to have its unique name other than email id. please suggest me how to achieve it ?any article or any suggestion or any way to customize it??
The username column is designed to be used as a unique credential for authentication. See it as an alternative to signing-in with an email address. Because of that, you should not try to use it for another task.
It looks like you are trying to use the username column to store the user's name (as in a full name or pseudonym). Again, this field is not designed for that.
You need to use another mechanism to store the user's name. You may create a new field called DisplayName. You can also use a database table to store extra information.
See How to extend available properties of User.Identity and ASP.NET Identity 2.0: Customizing Users and Roles
I am building an MVC4 application and need to use external authentication (Facebook, etc). I have that working fine. I see the SimpleMembershipProvider creates 2 separate tables to handle this: "webpages_Membership" and "webpages_OAuthMembership". I need to map other tables (foreign keys) to User ID. The problem is both tables have a user ID which are unrelated to each other.. I could ignore the foreign keys in the database if necessary (don't like that though), but the bigger question is this: in code, how would I determine whether a user is authorized externally or locally so that I know where to get his other info from? Specifically, I have a user profile table where I will map other attributes to.. having 2 different types of user, how does one go about this?
Right, I have learned more about MVC4 and SimpleMembershipProvider and I see now that the User ID on both tables is actually a foreign key to a parent table called UserProfile. So, User IDs will still be unique.. it's just the mappings are a little different to what I was accustomed to with the standard ASP.NET membership provider. Email address and whatever other properties are required can be easily applied to the UserProfile table.
In creating a new ASP.NET MVC application, I have an issue with the approach I'm using to store user-created data for temporary users who have yet to create an account which I then try to convert to a real user. That probably doesn't make much sense, so let me explain:
A visitor to the site can enter profile settings before being made to register with a username, password, etc.
I'm creating database entries via LINQ to SQL for a new user in this case, using the Request.AnonymousID value as a temporary username.
When the user chooses to register, I need to 'switch over' the relevant database records to use the newly entered username instead of the temporary one.
The problem is that when I try to update the record I can't because the username is the primary key, so I'm forced to delete the record and add a new one...
I can probably persevere with this, but I think I might just be going about this in completely the wrong way and wondered if anyone could suggest a better way to allow visitors to store information before they've registered and have that carry over when they do.
I know about profiles but want the profile information to be available to other visitors. I also know that I can create an anonymous profile but it seems like I should be able to keep the data model out of the web.config file.
I would suggest having an independent primary key for the table with your custom user data.
And then have fields like RefAnonymousId and RefUserId to relate that user data to the anonymous user and the registered user, respectively.
For example:
TABLE UserData
(
UserDataID int IDENTITY(1,1) PRIMARY KEY,
RefAnonymousId uniqueidentifier,
RefUserId uniqueidentifier,
... (data fields),
(maybe also unique keys on RefUserId and RefAnonymousId)
)
That way you will also be able to identify the user when the user is logged out and maybe automatically log the user in...