How to create custom WebSecurity.Login and WebSecurity.CreateUserAndAccount methods in MVC 4?
Solution 1
You will need to implement you own Membership and Role providers.
Custom Provider:
namespace MyApp.Helpers
{
public class CustomProviderProvider : SimpleMembershipProvider
{
public override MembershipUser GetUser(string username, bool userIsOnline)
{
return base.GetUser(username, userIsOnline);
}
public override bool ValidateUser(string username, string password)
{
return true; // base.ValidateUser(username, password);
}
}
}
You will just need to override the methods you want to "intercept" (ie ValidateUser). You will also need to register the provider in the web.config file:
<system.web>
<membership defaultProvider="CustomMembershipProvider">
<providers>
<clear/>
<add name="SimpleMembershipProvider" type="WebMatrix.WebData.SimpleMembershipProvider, WebMatrix.WebData" />
<add name="CustomMembershipProvider" type="MyApp.Helpers.CustomMembershipProvider, MyApp" />
</providers>
</membership>
</system.web>
You should also have a Filter called "InitializeSimpleMembershipAttribute"
namespace CustomPortal.Filters
{
[AttributeUsage(AttributeTargets.Class | AttributeTargets.Method, AllowMultiple = false, Inherited = true)]
public sealed class InitializeSimpleMembershipAttribute : ActionFilterAttribute
{
private static SimpleMembershipInitializer _initializer;
private static object _initializerLock = new object();
private static bool _isInitialized;
public override void OnActionExecuting(ActionExecutingContext filterContext)
{
// Ensure ASP.NET Simple Membership is initialized only once per app start
LazyInitializer.EnsureInitialized(ref _initializer, ref _isInitialized, ref _initializerLock);
}
private class SimpleMembershipInitializer
{
public SimpleMembershipInitializer()
{
Database.SetInitializer<CustomPortalContext>(null);
try
{
using (var context = new CustomPortalContext())
{
if (!context.Database.Exists())
{
// Create the SimpleMembership database without Entity Framework migration schema
((IObjectContextAdapter)context).ObjectContext.CreateDatabase();
}
}
//Here is where you give it your connection string name
WebSecurity.InitializeDatabaseConnection("CustomPortal", "UserProfile", "UserId", "EmailAddress", autoCreateTables: true);
}
catch (Exception ex)
{
throw new InvalidOperationException("The ASP.NET Simple Membership database could not be initialized. For more information, please see http://go.microsoft.com/fwlink/?LinkId=256588", ex);
}
}
}
}
}
I hope this helps...
Solution 2
ASP.NET MVC 4 uses a new membership provider called SimpleMembershipProvider. WebMatrix is a facade over SimpleMembershipProvider. There is no longer a need to modify the config file with ASP.NET MVC 4. More info here: http://aaron-hoffman.blogspot.com/2013/02/aspnet-mvc-4-membership-users-passwords.html
1.How can I make it use my own database like I did in MVC 3?
A: No need to override SimpleMembershipProvider if you want to roll your own. Remove the reference to the InitializeSimpleMembershipAttribute
in the AccountController
class and modify the methods in the AccountController
class.
2.What's the different? Why doesn't it keep using static Membership methods? Why does it have to change to WebSecurity?
A: ASP.NET MVC 4 Now uses a new membership provider: SimpleMembershipProvider.
Comments
-
Triet Doan over 3 years
When we choose
New Project --> MVC 4 --> Internet Application
, it will automatically generate AccountController for us. In this controller, I only care about 2 actions,Login
andRegister
.In MVC 3, it uses Membership's static methods,
ValidateUser
inLogin
action andCreateUser
inRegister
. So, if I want to integrate it with my own database, I just need createCustomMembershipProvider
by extendingMembershipProvider
and override that two methods.But in MVC 4, it uses
WebSecurity.Login
andWebSecurity.CreateUserAndAccount
. My questions are:- How can I make it use my own database like I did in MVC 3?
- What's the different? Why doesn't it keep using static Membership methods? Why does it have to change to
WebSecurity
?
Thanks so much for your help.
-
Triet Doan about 11 yearsThanks for your reply. Why do I need that filter? Just for creating database? So if I use Entity Framework, I don't need this filter?
-
Triet Doan about 11 yearsHow about create custom SimpleRoleProvider and config it?
-
PantsOffNow about 11 yearsThe filter doesn't just create the database, It also initializes the WebSecurity class. By doing this you are able to tell WebSecurity which database and fields to use. The filter is just a good place to the initialization because the attributes are reusable. You could do the initialization in the gloabal.asax page i'm sure. However, that's not as granular if you need more control and initializing in other places may lead to duplicated code, which can turn into a maintenance nightmare. Also, even if you use entity framework you would still use something to this effect.
-
PantsOffNow about 11 yearsActually, if you weren't using EF this would be a little more complex.
-
PantsOffNow almost 11 years@Forte_201092 did I answer your question or are you still having trouble with this?
-
Computer over 4 yearsI'm using VS 2013, created the Default MVC 4 selected Internet Application as the authentication and the Filter is already there. So would i still need to amend the filter class and web.config?