发表新帖
发表新帖

Custom membership or not

后端 未结
关注
5 646
既然无缘
既然无缘 2021-02-04 14:21

I am creating website (football, soccer) in ASP.NET MVC3 and I want have users (with additional information then user in default membership, these are ordinary visitors) and pla

相关标签:
5条回答
  • 独厮守ぢ
    2021-02-04 14:58

    It is very easy to create your own Membership Provider. Just create class derived from MembershipProvider. And implement members which look into DB, for example (or any other data source). 

    public class YourMembershipClass: MembershipProvider
{
    public override bool ValidateUser(string username, string password)
    {
         return YourDataLayer.ValidateUser(username, password);
    }
    public override MembershipUser GetUser(object providerUserKey, bool userIsOnline)
    {
        return YourDataLayer.GetSpecificUser(providerUserKey, userIsOnline);
    }
    // Implement the other methods as well
 }

    Then add your YourMembershipClass to web.config:

    <membership defaultProvider="MlgMembership">
  <providers>
    <clear />
    <add name="CustomMembership" type="YourMembershipClass" enablePasswordRetrieval="false" />       
  </providers>
</membership>
    0 讨论(0)
  • 遥遥无期
    2021-02-04 14:59

    I Advice you to:

    • Use Membership provider to just deal with user registration and authentication. And let it take care of user security stuffs (rest password, validate user ....)

    • Then use Roles to separate your users to their roles ("Players, normalUsers,..").

    • And NEVER use Profile provider cause it cost so many traffic you don't want and instead of you could make your custom table in DataBase to store your additional information.

    • Then you may use EF or any ORM to get this information whenever you want.

    • Don't forget to use authorization attributes [Authorize(Roles="Players")]in your Controllers and Actions deppending on the Roles.
    0 讨论(0)
  • 鱼传尺愫
    2021-02-04 15:04

    If you are looking to store profile type information e.g. first name, last name, job title etc. against each user then you should be able to use the Profile system built into ASP.NET Membership. If you are looking to store more identity related information then yes you will have to create some sort of custom membership provider. There is a good video on creating a custom provider on the ASP.NET website: http://www.asp.net/general/videos/how-do-i-create-a-custom-membership-provider

    Regarding allowing different types of users to perform different actions you can use the Roles system built into ASP.NET Membership. You can tell your action methods to only allow calls from users in certain roles. For example if you had a PostArticle action method and you only wanted players to be able to access it you would have something like this:

    [Authorize(Roles="Player")]
public ActionResult PostArtcile(){
    return View();
}

    The Authorize attribute tells MVC to only allow authenticated users in the "Player" role to call the action method. You'll still need to restrict the availability of a post article link in your front end but there are several ways to do that.

    There is a great series of articles by Scott Mitchell which covers all things membership based: http://www.4guysfromrolla.com/articles/120705-1.aspx

    0 讨论(0)
  • 花落未央
    2021-02-04 15:16

    I would advise implementing your own membership provider, it means implementing only the bits you need and forms a foundation for all your user management.

    The Membership provider is the same for WebForms and MVC, there are quite a few examples on SO and Google.

    0 讨论(0)
  • 悲&欢浪女
    2021-02-04 15:19

    Have a look at this soccer Club Site asp.net starter kit.

    0 讨论(0)
 看不清?
提交回复
热议问题