I am new to asp.net mvc 3 world
I looked at some tutorials to get started. I want to know what is the best option to manage users?
I intended use of the membership provider (and modify this for extend the default fields)
or use the user profiling + membership provider?
What are the advantages and disadvantages of these?
once I made my application the idea is create a mobile application: a user must be able access by user and password (my web application)... it affects my choice?
Start from here :
http://www.asp.net/mvc
You can take advantage of a sample application :
http://www.asp.net/mvc/tutorials/mvc-music-store-part-1
And the following one is specific to membership :
http://www.asp.net/mvc/tutorials/mvc-music-store-part-7
I would also consider integrating OpenAuth.
DotNetOpenAuth oAuth in ASP.NET MVC
Another good example is the NerdDinner project.
Site: http://www.nerddinner.com
Source Code: http://nerddinner.codeplex.com
Related
I am building user portal and wants to load authenitcated user data from database when form authentication happens.
Can you please help me to understand what are best approach asp.net mvc have to load the user data from database when page load post the form authentication
One I can think of is JQUERY to query data from database using CONTROLLER
You should look into Microsoft's tutorials first, you can get started here. Follow these tutorials first before asking questions here.
Once you understand the concepts, I suggest you use the ASP.NET Identity framework to authenticate and authorize your users. It provides many out of the box features and allows customization according to your needs.
You should use what the ASP.Net MVC plumbing offers.
Specifically, use the UserManager<T> in namespace Microsoft.AspNet.Identity(maybe start here)
However, if this is your first time, in order to get you started, I would recommend you try to create a new MVC sample application instead of writing an application from an empty template: it will help you understand the mechanisms ASP.Net MVC exposes for your need.
Good luck :)
ASP.NET newbie here, I'm looking for a way to integrate my existing database into ASP.NET's authentication system. I have a separate project making use of Entity Framework to interact with a database (Model-First Entity Framework 5) that I would like my ASP.NET MVC 4 site to use to authenticate off.
To further complicate matters, this is not a simple username/hash/salt table. I employ Blind Hashing and two factor authentication using the Google Authenticator (OATH-TOTP) is an option users can have. Additionally, I don't just have users, I have Accounts and Profiles, of which an Account can have many profiles (distinct, separate 'users' in a public sense that the owner can easily switch between). Lastly, Account can also have several emails, not just one. In other words, this doesn't fit in to normal user/password conventions when dealing with authentication. Fortunately, I've written partial classes to give most of these entities (such as Account) ways to handle this easily, such as:
someAccount.CheckPassword(password[, twoFactorToken])
I can do this easily enough using Entity Framework 5, but I'm very unfamiliar with how ASP.NET MVC 4 handles users. Is there an easy way to get user authentication going in ASP.NET MVC 4? Do I need to do something with MembershipProvider? Do I use SimpleMembership or the legacy one? Bonus: Can I take advantage of Windows Identity Framework and use that instead?
I've opted instead not to use the Membership Provider, and just use Forms Authentication. I did not realize you could use this without using a membership provider.
I'm pretty new to MVC and looking for an MVC3/Razor web project template that uses a custom membership provider (or custom authentication whatsoever).
I want the project to contain a SQL database, that has a simple User/Role/UserRole scheme, and the user table contains a UserId, Username and Password fields (preferable encrypted), and some login functionality that works thru it.
Any direct link or guidance on how to do it the short way will be highly appreciated.
When I had to do this I started with Asp.Net MVC Membership Starter Kit. Good luck!
How would you handle membership in an ASP.NET MVC application? Using any external libraries? How would you do OpenID log in? username log in? email log in? any other that is worth looking into? Maybe all of them mixed into the application?
It seems ASP.NET comes with some pre-build user database (I'm totally new to .Net). The NerdDinner example uses it but then it makes the foreign keys use the username. That doesn't sound very good. Do you use this schema of two separate databases or only one? What do you use as the foreign key, any IDs?
I've found ASP.Net MVC Membership, anybody using it? does it work well? can it be expected to be maintained?
Membership Providers are not new to ASP.Net MVC, they were introduced with ASP.Net 2.0.
The Membership Provider model is simply an abstraction layer between your application and whatever source you are authenticating your users against. You can switch providers easily by simply changing your web.config file.
It is easy to write a membership provider, there are many walkthroughs on the web. Typically you would do so if you were using a database that used a different schema than the default examples that come with ASP.Net (which is most of the time). The foreign keys on the username thing in the NerdDinner example is a simplistic example that you would rarely see on any real-world databases.
I would highly recommend using the Membership model. Controls like the Login control are built to make use of it, and it is well-designed and makes it easy to change or combine different login methods for your application. If you want to use OpenID, a quick google search brought up this OpenID Membership Provider.
I'm creating an ASP.NET MVC site and I need to implement login and membership functionality.
Is this something where I roll my own? I already have a members table in my database, should I create a username and password hash field and just check against it? What about keeping the user logged in with a cookie that expires?
Is this an instance when you would use ASP.NET's built in Membership service?
ASP.NET MVC neophyte seeks help.
When you create a new ASP.NET MVC site, it already has membership built in. The CodePlex project mentioned in the other reply is only needed in special cases, namely:
You are using an early beta of the MVC framework, which doesn't have the membership feature.
You want to use an authentication system like OpenID, which isn't supported "out-of-the-box" with MVC.
You want membership administration features not included "out-of-the-box"
However, like I said, basic membership functionality is already present in an MVC site. Just add the [Authorize] attribute to any action requiring login. This is regular forms authentication, so you configured in Web.config like a non-MVC site (specifying the database, etc.; there's lots of information on the web about this).
A default MVC site will contain an "Account" controller and views which you can customize to fit your needs.
To answer the obvious question, no, you should not "roll your own." Even if you need custom authentication, it would be better to create a regular ASP.NET membership provider than to create an entirely new membership framework.
Update: The CodePlex project was updated to work with MVC 1.0
If you want to use something safe to start off with, either use the new project's template membership or consider using http://www.codeplex.com/MvcMembership.