How to change the MembershipProvider in ASP.NET MVC?

I would like to show you how you can change the MembershipProvider. Maybe it is gone be important in the future for some of you too not just me. So let’s start.

Membership provider

Why would anybody change the MembershipProvider? I don’t know. My reason was that I would not like to log in my customers based on the web.config’s credentials settings. First of all – this is the most important part – you should create a new class. I have named my class MyMembershipProvider which is derived form the MembershipProvider class.

public class MyMembershipProvider : MembershipProvider
    {
        //...... lots of code ......
        // and finally the most important function 
        public override bool ValidateUser(string username, string password)
        {
            return //some user validation
        }
    }

There are several other function on the MembershipProvider and I have override some of them, but I think this is the most important. Next step you should change some part of the web.config. Let me show you how.

<configuration>
  <configSections>
    ......
  </configSections>
  <connectionStrings>
    ......
  </connectionString>
  <appSettings>
    .......
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! You should add this two line of code !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
    <add key="enableSimpleMembership" value="false" />
    <add key="autoFormsAuthentication" value="false" />
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
  </appSettings>
  <system.serviceModel>
   ......
  </system.serviceModel>
  <system.web>
     ......
     <membership defaultProvider="CustomMemebershipProvider">
      <providers>
        <clear />
        <add name="CustomMemebershipProvider" type="Security.MyMembershipProvider" />
      </providers>
    </membership>
    .....
  </system.web>
<!-- other part of the web.config  -->

Almost done. Only one thing is missing. We should change the AccountController (or where ever you handle the log in and log out stuff). Basically the Login method looks something similarly.

 [HttpPost]
 [AllowAnonymous]
 [ValidateAntiForgeryToken]
 public ActionResult Login(LoginModel model, string returnUrl)
 {
     if (ModelState.IsValid && WebSecurity.Login(model.UserName, model.Password, persistCookie: model.RememberMe))
     {
         return RedirectToLocal(returnUrl);
     }

     // If we got this far, something failed, redisplay form
     ModelState.AddModelError("", "The user name or password provided is incorrect.");
     return View(model);
 }

You should remove the WebSecurity.Login and instead of this line of code you should use the following one Membership.ValidateUser and you should change the if section too just a little bit. Finally it looks something like this:

[HttpPost]
[AllowAnonymous]
[ValidateAntiForgeryToken]
public ActionResult Login(LoginModel logindModel, string returnUrl)
{
    if (ModelState.IsValid && Membership.ValidateUser(logindModel.UserName, logindModel.Password))
    {
        FormsAuthentication.SetAuthCookie(model.UserName,false);
        return RedirectToLocal(returnUrl);
    }
    ModelState.AddModelError("", "There were some problem with the user name and or with the password");
    return View(model);
}

I think it is pretty good. Right now It should work.

I have written this artical based on the following one

Advertisements

Vélemény, hozzászólás?

Adatok megadása vagy bejelentkezés valamelyik ikonnal:

WordPress.com Logo

Hozzászólhat a WordPress.com felhasználói fiók használatával. Kilépés / Módosítás )

Twitter kép

Hozzászólhat a Twitter felhasználói fiók használatával. Kilépés / Módosítás )

Facebook kép

Hozzászólhat a Facebook felhasználói fiók használatával. Kilépés / Módosítás )

Google+ kép

Hozzászólhat a Google+ felhasználói fiók használatával. Kilépés / Módosítás )

Kapcsolódás: %s

%d blogger ezt kedveli: