Membership and asp.net MVC

views:

132

answers:

Membership and asp.net MVC

I’m building a site that needs users created with different roles and permissions to access different areas of the site.

I using mvc 2 but I can’t find much clear guidance on using the Membership tool with mvc to create accounts and roles etc.

I tried the web configuration tool which works but I would like to administrate the site remotely.

I used the aspnet_regsql tool so I can access the SqlMembershipProvider Schema in my Database.

I also need to add more information to a user like profile info and a picture, would I add these to the membership tables or create separate tables for this?

Any advice or help would be really helpful?

Thanks

Jemes

+1 A:

It's the same mechanism as in asp.net. http://aspnet.4guysfromrolla.com/articles/120705-1.aspx http://netrsc.blogspot.com/2009/04/membership-management-for-aspnet-mvc.html

Whenever I need some more info about user I create my own profile info table. Do not change the generated membership tables because of upgrades.

nubm 2010-04-06 12:20:07

Do you use the built in membership system or did you create your own provider?

Jemes 2010-04-06 13:05:02

Always the built in membership. Generally I think that there are situations when you use your own but it's not very often. Maybe some larger or more special projects. Consider the maintainability. swhook is right that it isn't especially difficult but it's IMHO very often an excessive work.

nubm 2010-04-06 14:26:58

Well if you would like to create your own provider you should be able to identify what more it brings you. If nothing or you don't know, just stick with the built in membership.

nubm 2010-04-06 14:43:23

Easy and very nice tutorials on this http://www.asp.net/learn/security/?lang=cs with Storing Additional User Information. (Hope this the last of my comment monologue :-)

nubm 2010-04-06 15:15:38

With the Built In Membership, I will still need to have create my functions to create, edit users etc. The membership just gives me the database schema does'nt it?

Jemes 2010-04-06 15:16:15

Yes. The built in ASP.NET Web Site Administration Tool (WSAT) is useless in the production. The Membership cares for things like [Authorize(Roles="Administrator")] on Action and you don't have to solve the complete process on your own. But you have to write the complete administration backend. There was a project ASP.NET WSAT but it was abandoned http://forums.asp.net/t/1390061.aspx At least good to peak how it should look like. But if you follow the links I gave you above you will be able to build the administration. When you get to used to how the things work it's really not difficult.

nubm 2010-04-06 16:46:46

If you want to become a real Pro :-) you can buy the book http://www.wrox.com/WileyCDA/WroxTitle/productCd-0764596985.html

nubm 2010-04-06 16:49:33

+3 A:

I have always found that it is better to create your own membership provider rather than use the default ASP.NET MVC membership service that you get for free with the regsql tool. Don't be afraid to open up the Account Membership Service (the descendant of IMembershipService) and start playing around with it.

The first thing I do when starting a new ASP.NET MVC 2 project is to gut the account classes down to a simple provider and use my own Users table in my SQL Server database.

Since the membership service implements the IMembershipService interface, it will be easy for you to start over using your own business object framework and implement the interface.

Get your Users working first. Then come back and create your roles tables once you have your Users working and logging in.

Steve Hook 2010-04-06 12:23:32

If I create my own provider will features like Authorise still work on my controllers?

Jemes 2010-04-06 13:00:08

@Jemes Absolutely. By creating your own you are really just telling the provider where to look to get your user. You just tell it to look at your Users table instead of what the default project provides you.

Steve Hook 2010-04-06 13:20:48

Thanks for your help. What do mean by 'gut the account classes down to a simple provider'?

Jemes 2010-04-06 13:37:45

@Jemes Sure. I can tell you how I do it. I open Models\AccountModels and separate each of the classes into their own file. Most of them are just view models anyway. Then you can re implement IMembershipService on AccountMembershipService to use your own business layer (linq to sql, entity framework) and probably a repository pattern to load the database records. You might not even need to change the FormsAuthenticationService. Then your AccountController will change a bit to use your own business layer but the compiler should point you to those spots.

Steve Hook 2010-04-06 13:56:42

I new to .net and MVC so havent come across the membership before. I like the idea of creating my own provider as then I know whats going on but will I be creating more work for my self?

Jemes 2010-04-06 15:19:01

If you use anything beyond what the regsql tool provides you for a user, you are creating more work for yourself if you don't write your own.

Steve Hook 2010-04-06 15:21:04

Sorry to ask so many questions. I don't think I'm going to use any more features then the membership provider builds in. I've created a class and inherited the mebership provider and abstracted a class so all the method are created for me. Is this where you just create all these methods yourself?

Jemes 2010-04-07 15:33:27

Yes. Once you have a class that implements the membership service interface just implement each method it requires. If you get stuck you can look back at the default template's membership service to see how they do it. There should be plenty of examples online of how to implement your own if you get stuck though.

Steve Hook 2010-04-07 19:42:18

ansaurus

tags:

views:

answers:

Membership and asp.net MVC

related questions