right way to have role based custom auth query database on every request asp.net mvc

Question

This may be a slightly ignorant question but Im new to mvc so Im sorry!

I studied the nerd dinner auth model but In my app I have a complicated role based authentica

Answer 1

"Correct?" Its a matter of opinion.

I'd say, if you aren't experiencing issues with the database performance caused by this query, then don't worry about it.

If you are, you can centralize your authentication code into some sort of auth provider or type, and cache authentication information in memory until a write updates the database, which should invalidate the cache at the same time.

(Your second question would do well on its own; I don't have enough info to answer it.)

Answer 2

An alternative approach is to store your user's roles in the authentication ticket when your user is authenticated. Then for every request (Application_AuthenticateRequest method of the global.asax file) you can extract the roles from the authentication ticket and create a GenericPrincipal.

See this answer for more details.