Custom MembershipProvider in .NET 4.0

2019-01-01 13:38发布

问题:

There are a few threads here at so about this matter but most of them are outdated and the reference links in them are even more outdated.

I got this website which I need to connect to an external sql server (mssql) with it\'s own table structure, using the default asp.net membership provider structure is not an option. The table layout is really simple and the usertable looks like this (it\'s called Individuals)

Individuals
- UserGuid (uniqueidentifier/guid, unique)
- Name (varchar)
- Password (varchar)
- HasAccess (tinyint/ 1 or 0)
- DateTime (datetime)
- Log (xml)

The required functionality is simply to log someone in, the rest is not necessary :)

I followed some guides but most of them are outdated and very complex. Unfortunately the msdn examples follows this pattern and the documentation is not very good.

So if anyone got some resources showing how to, or are willing to post codesamples or similar here I\'d appreciate it.

Thanks!

回答1:

It\'s very simple really:

  1. Create a new Class file (if you\'re not using a multi-layered system, in your project\'s Models folder) let\'s called MyMembershipProvider.cs

  2. Inherit that class from System.Web.Security.MembershipProvider

  3. automatically create the needed methods (period + space in the inherit class)

Done!

All methods will have the NotImplementedException exception, all you need to do is edit each one and put your own code. For example, I define the GetUser as shown below:

public override MembershipUser GetUser(string username, bool userIsOnline)
{
    return db.GetUser(username);
}

dbis my Database Repository that I added into the class as

MyServicesRepository db = new MyServicesRepository();

there, you will find the GetUser method as:

public MembershipUser GetUser(string username)
{
    OS_Users user = this.FindUserByUsername(username);

    if (user == null)
        return
        new MembershipUser(
            providerName: \"MyMembershipProvider\",
            name: \"\",
            providerUserKey: null,
            email: \"\",
            passwordQuestion: \"\",
            comment: \"\",
            isApproved: false,
            isLockedOut: true,
            creationDate: DateTime.UtcNow,
            lastLoginDate: DateTime.UtcNow,
            lastActivityDate: DateTime.UtcNow,
            lastPasswordChangedDate: DateTime.UtcNow,
            lastLockoutDate: DateTime.UtcNow);

    return
        new MembershipUser(
            providerName: \"MyMembershipProvider\",
            name: user.username,
            providerUserKey: null,
            email: user.email,
            passwordQuestion: \"\",
            comment: \"ANYTHING you would like to pass\",
            isApproved: true,
            isLockedOut: user.lockout,
            creationDate: user.create_date,
            lastLoginDate: user.lastLoginDate,
            lastActivityDate: user.lastActivityDate,
            lastPasswordChangedDate: user.lastPasswordChangedDate,
            lastLockoutDate: user.lastLockoutDate);
}

Do this for all the methods you use (debug the project and see which ones you need) - I only use some, not all as I don\'t really care about methods like ChangePasswordQuestionAndAnswer, DeleteUser, etc

just make sure that in your web.config you add the new Membership as:

<membership defaultProvider=\"MyMembershipProvider\">
  <providers>
    <clear/>
    <add name=\"MyMembershipProvider\" type=\"Your.NameSpace.MyMembershipProvider\" connectionStringName=\"OnlineServicesEntities\"
         enablePasswordRetrieval=\"false\" enablePasswordReset=\"true\" requiresQuestionAndAnswer=\"false\" requiresUniqueEmail=\"false\"
         maxInvalidPasswordAttempts=\"5\" minRequiredPasswordLength=\"6\" minRequiredNonalphanumericCharacters=\"0\" passwordAttemptWindow=\"10\"
         applicationName=\"/\" />
  </providers>
</membership>

You have a nice Video Tutorial from Chris Pels (dated 2007 but still mostly valid) and code for this as well, though Video Tutorial is in VB, but let\'s you understand the steps...

http://www.asp.net/general/videos/how-do-i-create-a-custom-membership-provider

I did not only create my own Membership Provider but I created my Roles Provider as well, witch as you can see from above code, is as simple as the MemberShip and let\'s you, in your application use things like:

[Authorize(Roles = \"Partner, Admin\")]
public ActionResult MyAction()
{

}

and

@if (Roles.IsUserInRole(Context.User.Identity.Name, \"Admin\"))
{
    <div>You\'re an ADMIN, Congrats!</div>
}

What is automagically create the needed methods (period + space in the inherit class)

You can either right-click, or have the cursor on the name and press Control + . and then space.



回答2:

There are a few threads here at so about this matter but most of them are outdated and the reference links in them are even more outdated.

Since the introduction of ASP.NET in Framework 1.0 the Page.User/CurrentSession.User/IPrincipal/IIdentity model is unchanged. In Framework 2.0 the Membership provider was added. Those \"outdated\" reference remain valid guidance. MSDN