MVC3, Entity Framework, OpenID and MembershipProvider

I am creating a project that takes the EF Code First approach and now I have to create users. I want to implement OpenID because it's really cool and modern. There are many tutorials on how to do this (don't read them, but I do of course).

I use EF and MVC quite often now, but all things with members, roles, providers, etc. foggy. There are two things that I am sure:

  • I want to use OpenID and
  • I want to manage users table with EF Code First

So, I would appreciate it if someone can give me some advice:

  • Should I implement MemberhipProvider, or could I use a project like this: codeplex ?
  • How will OpenID, EF and Membership interact with each other?

I know this is a VERY broad subject, but I only need basic clues, I need to know where to start. Things like "You can use MembershipProvider and OpenID, but better not, because ...".

Any help is greatly appreciated.

+3


source to share


1 answer


The requirement is that users can login with facebook, yahoo and others as it is very difficult to create accounts all over the place.

What we are considering is providing multiple Authentication options to this day for Users , whether it's a username / password combination that you manage, an OpenId provider, or an OAuth provider.

I believe the best approach is to make these two concepts (membership and authentication) explicit.

I don't care how the user authenticates , just by providing me they can find their user information when they do.

A simple approach to using a custom table with the following information:

Name
Email
Authentication Type
Authentication Id

      



Example:

Name        Email       AuthenticationType      AuthenticationId
----        -------     ------------------      ----------------    
John        a@b.com     GoogleOpenId            OpenIdClaimId
Ben         c@d.com     Internal                ben
Dave        e@f.com     FacebookOAuth           FacebookUserId

      

When the user is authenticated, we can load our user information using the authentication method and ID as criteria. For the internal membership provider, we can use their username, for OpenId for their request url, and for OAuth, their provider ID (for example, Twitter ID).

So, for all intents and purposes, use EF to manage Users , but I would consider the membership provider as another authentication mechanism, in which case you can also use the standard SqlMembershipProvider.

I wrote this post a long time ago (in the context of e-commerce stores) that might be helpful.

+4


source







All Articles