locked
User e-mail address as username RRS feed

  • Question

  • User-2072076386 posted

    Hello,

    I am working in a Silverlight 4 Business Application template and using the default asp.net membership provider.

    As most of the websites do today, I would like to ask only the e-mail address and password in order to create an accout. I know that this might lead to some disadvantages, as discussed previously in this very interesting post:http://forums.asp.net/t/1146571.aspx/1/10

    In case I dedice to go and do that, I was thinking that instead of using the e-mail address specififed by the user as the username, I could create internallly a user ID (that will be hidden from the user) and keep the e-mail address, in the right place.

    So when the user logs in, I will look for users with that address, get the internal ID and perform the autenthication.

    In this way, the user might change its e-mail address and still keep the account.

    I would like to ask you if you see any big problem in this approach? What suggestion do you have to keep the internal auto generated user id?

    What about duplicated e-mail address? Does asp.net membership provider performs some checking on duplicated e-mail addresses?

    Thank you,

    Igor.

    Thursday, April 7, 2011 11:55 AM

Answers

  • User1182340765 posted

    For example:

     

    <system.web>
      <membership defaultProvider="MyMembershipProvider">
        <providers>
          <add name="MyMembershipProvider"
            connectionStringName="MyMembershipConnectionString"
            enablePasswordRetrieval="false"
            enablePasswordReset="true"
            requiresQuestionAndAnswer="true"
            passwordFormat="Hashed"
            requiresUniqueEmail="true"
            type="System.Web.Security.SqlMembershipProvider" />
        </providers>
      </membership>
    </system.web>
    

     

    • Marked as answer by Anonymous Thursday, October 7, 2021 12:00 AM
    Thursday, April 7, 2011 9:15 PM

All replies

  • User1182340765 posted

    I don't see any problems. As long as your auto generated user id and email address are unique, you are in a good shape.

    For duplicate email address, there is a property in default membership provider's setting in web.config, it's called requiresUniqueEmail. You can set it when you add membership provider in web.config -> membership -> providers

    Thursday, April 7, 2011 9:11 PM
  • User1182340765 posted

    For example:

     

    <system.web>
      <membership defaultProvider="MyMembershipProvider">
        <providers>
          <add name="MyMembershipProvider"
            connectionStringName="MyMembershipConnectionString"
            enablePasswordRetrieval="false"
            enablePasswordReset="true"
            requiresQuestionAndAnswer="true"
            passwordFormat="Hashed"
            requiresUniqueEmail="true"
            type="System.Web.Security.SqlMembershipProvider" />
        </providers>
      </membership>
    </system.web>
    

     

    • Marked as answer by Anonymous Thursday, October 7, 2021 12:00 AM
    Thursday, April 7, 2011 9:15 PM
  • User-2072076386 posted

    Hello,

    Curently I am working to perform this change and I came into a problem.

    After a sucessfull login using my e-mail address, it seems the ASP.NET profile thinks I am a different user. The profile user name seems to be my e-mails address, so all my profile settings are rest (default values).

    How can I find a way to still use this e-mail login technique and also make the asp.net membership provider get the my correct profile settings?

    Thank you,

    Igor.

    Tuesday, January 24, 2012 8:30 AM