locked
Design question - login, user prefs, DB, SimpleMembership, Universal Providers, ExtendedMembershipProvider RRS feed

  • Question

  • User-1679881777 posted

    Hi,
        Assuming ASP.NET 4.5, I'm interested in hearing suggestions / recommendations on how to implement one scenario using "the latest stuff". I was reading this about SimpleMembership and Universal Providers and I'm a bit confused. In any case, in this post I would like to concentrate on the requirements, and see how the techniques follow after.
      Consider a web site with these hypothetical requirements :
             - users login in some kind of header of the site (not full page login)
             - users have a page to control preferences, which are specific to the domain ("custom properties" of the user) and are expected to be stored in the database. The same page can reset the user password.

        Some technical constraints:
             - forms authentication
             - custom user schema lives in SQL Server DB that is controled by me (not the out-of-the-box ASP.NET profile schema)
             - authentication against this schema with username and password
             - other DB tables have relationship to user table
             - I like the Entity Framework. And I like simple stuff. And I like reuse. And I like less code.
       

    So, how to implement this? This is my main question.

     - State assumptions of MVC, Web Pages or Web Forms.

    Other thoughts:

      - The examples of MVC with Universal Providers look odd to me, considering MVC with SimpleMembership . It seems that  SimpleMembership is the way forward for MVC at least.
       - Simple question: do controls like Login and CreateUserWizard work with ExtendedMembershipProvider?
        - Can the LoginView control display the custom properties of the user?
       - Is OAuth an "overhead" for scenarios with DB with username and password?
       - What is there to help with the encryption of passwords in the database?

    Thanks,

    Gustavo C.S. Frederico

    Sunday, April 28, 2013 1:18 AM

All replies

  • User-359936451 posted

    It sounds to me like you need to use Web Forms, and include user Roles and Profiles. The ASP.net out of the box membership will support what you have mentioned and with profiles allow you to customize basically whatever you need. I am pretty sure you can do this with MVC as well, though I have no experience.

    As for passwords, asp encrypts them by default with the membership unless you turn it off, like in the web.config, which would cause plain text to be passed.

    The rest of your criteria is a wash.

    Thursday, August 7, 2014 12:30 PM