I am trying to update an older website. It already has an existing database with a user and a role table, with existing data in it.
I need to create a new web-api and a new web project and integrate ASP.NET Identity into the already existing database.
I have currently setup my solution to breakup the projects as follows:
Domain
Services
WEB_API
WEB_UI
My aim is to implement the Identity in the services layer so that both my WebAPI and MVC site can utilize the same identity mechanism.
I am fairly overwhelmed at the moment, I have read many tutorials and articles over the last day or two and have ended up with the options of either re-implementing the IUserStore and IRoleStore. And also with mapping the different entities in the OnModelCreatingMethod.
I cant seem to find a tutorial which is aimed at what I want to do. My database is to different to simply remap the names of columns, And I dont want to re-implement the entire Identity Stores as there are only a few conflicting fields. Most tuts I have found are related to using mysql instead of EF. I still want to make use Entity Framework.
Issues I have:
The current Users Table in the database used Int pk , not GUID
The Password Field uses a different Hashing algorithm. So i would need to override how Identity checks and store the password.
I do not have all the required Identity User fields in my database, however I am able to add new fields, I just cant change already existing fields.
I am making use of Database First as the DB already exists.
So basically my question is, In what direction do I need to go in order to overcome the above mentioned issues. Can I get away with changing the Database mapping? Or do I need to go as far as re implementing the User and Role Stores?
What I had initially planned was to re-implement the User and Role Stores using entity framework, And i could then make use if the DB first model classes and map the actual DB structure and fields to my ApplicationUser Fields. But this is where I thought I might be diving into cold waters, and i'm generally not a fan of reinventing the wheel if not necessary.
-The first thing you should do if you haven't already is to BACK-UP your current database!
You could use code first to update an existing database.
I found this walkthrough and it seemed close to the route you're on, and I'm hoping it will help solve your problem, begin at "Migrating to Visual Studio 2013".
http://www.asp.net/identity/overview/migrations/migrating-an-existing-website-from-sql-membership-to-aspnet-identity
This would create a few new tables, but not necessarily a new database.
Download Nuget packages:
Microsoft.AspNet.Identity.EntityFramework,
Microsoft.AspNet.Identity.Owin,
Microsoft.Owin.Host.SystemWeb
Enable-migrations and run a script such as this: https://aspnet.codeplex.com/SourceControl/latest#Samples/Identity/SQLMembership-Identity-OWIN/Migrations.sql
Or you could try using a reverse POCO generator found in visual studio extensions.
(My 1st attempt at writing an answer here. Tried to clarify.)
Related
I am currently new to ASP .Net MVC and I'm working on a project. I already created my database which has a Employees table (which will consist of the users of the system) where I would want to manage all employees. I know mvc comes with a built in functionality that creates the roles and users table for you from code migration. How would I be able to implement that with my own database? Another problem, I tried creating a default and script the tables, added them to my database but the primary keys which is of type int doesn't match that of the id in the dbo.aspnetusers table that was created.
Can anyone assist me?
Regards
Your problem is bit unclear. but from what i have understood so far i can say that if your application is to be used internally, then you should consider using windows authentication and implement your own role provider.
Additionally you will need to provide more detail on what your are trying to achieve. this sounds to me like more of a design question rather than implementation question.
My title is a bit complex, but I will break down really simply what I am doing here.
I have an existing database with about 20 tables. I have a project that my partner has decided that we should use the old Simple Membership over Identity. This is no longer an option on the table, we have finalized that decision. WE will be creating the project in Web Forms using Visual Studio 2012 because that is what we have licenses for.
Step 1) I started a new project in VS 2012 using Web Forms and I pointed the Default Connection String at my current database and registered a few users. This created the tables I needed for membership in my SQL Server 2012 database.
Step 2) I did some relational mapping in my database connecting existing tables to the new membership UserID's where needed so that my existing tables are now related to the membership stuff.
Step 3) Here is where I am a bit lost because normally I have used SqlDataSources with Web Forms in the past. I have some experience with MVC so I would like to do things differently in this web forms project and start from Database First and import my database tables into a Data Access Layer, I'm thinking of using a Class Library for this.
MY QUESTION: When importing my EDMX for database first. Should I
A) Bring in all of the tables (Existing Tables + New Membership Tables)
B) Just bring in the Tables that are NOT part of Membership?
C) Bring in my Existing Tables and only the User and Membership table? or
D) Do you have any other idea?
My reasoning for this question is that I know that I can access the Membership stuff in the Web Forms Project but will it possibly be needed in the Class Library since my application will eventually be very User centric. Lots of tracking of user time and logins, assigning tasks and projects, permissions to that user etc.. I was leaning toward (A)
I know this is a very complex question or maybe I should say it may have many answers all due to things that I may not know yet or I have not explained fully. But I'm looking for some direction as I have never used a Class Library or Database first in this way or in a Web Forms Application.
Snapshot of Database:
You really don't need to include the Membership tables in the EF model. As you pointed out, the Membership class will handle it as long as you have it properly configured in the Web.Config file.
You should import only those tables that are related to your application.
You would only import the membership tables only if you are building a custom membership provider, which is old news by now.
At least, I personally don't do it. This also helps to keep the EF model with just what I need.
Hope it helps.
I created a login system for one MVC App based on the new Identity framework, and since I already went through all the hard work of modifying my database to match the Identity 2.0 requirements, I was wondering if it would be possible to use it outside of MVC, so I could reuse what I already created, like a login system for a desktop project that I'm working on for example. If so, can I implement the login system on a .dll that can be reused on other projects?
Yes, you could use your existing database for another application. Add the ADO.NET Entity Data Model, and point it to your database. Then, if you need to, select "Update Model from Database" and you should be all set.
Although, it may be just as easy to create your own user/roles tables. It's frustrating (to me) that Identity creates the Primary keys as strings, even though they are essentially Guids.
The title is not so accurate, but I couldn't come up with a better one.
I’m trying to write a MySQL Connector for MS‘ Forefront Identity Manager (FIM is basically a sync engine that synchronizes identities between various data sources using a meta directory). But I’m having difficulties to come up with an appropriate design.
Let’s say I want to import user data from a db into FIM’s metaverse. A user object has various attributes like firstname, lastname, address etc. In the database these attributes can be distributed between multiple tables. FIM ultimately needs these attributes to be merged into one object. So the user needs to configure the connector to tell it how the data is stored in the DB.
I was wondering what would be the “best” way to represent this configuration. Two alternatives come to (my) mind:
I could just save a select query that merges/joins the data, so that the result is a single “table” with all the desired attributes. The problem with this is that I think I would have to do some kind of parsing on this query-string to create a fim-compatible-schema out of it (which is basically the name of the object type (f.e. “person”) and a list of attributes). This schema needs to be creatable from the query-string alone without actually executing the query (I could execute some fake queries if that would simplify the process).
I could create some classes to represent the database schema, i.e. the tables and relationships. Since I’m not that experienced with MySQL (or databases at all for that matter) I’m running the risk of missing some special cases. Also it might be some kind of overkill, since the schema can be assumed as fixed once it's configured.
Does anyone have same advice on which alternative to choose and how to tackle the problems that would come with it? Or is there another – better – alternative I didn’t think of? Any advice would be greatly appreciated!
If something is not clear, please let me know.
Edit: Since there have been some questions on the use case, I'm going to elaborate a bit:
As I've said, I'm developing a Management Agent for FIM. FIM provides a so called Extensible Connectivity Management Agent, which is basically one single class implementing a few interfaces. (See this technet guide for a sample implementation).
Since I want to develop a generic agent for managing identities in a MySQL database, I don't know the database layout at compile time. When the enduser wants to use the management agent, he needs to decide, which attributes of the identities he'd like to manage. So I need to give the user some way to configure the management agent. My main question is, how to design the classes to save this configuration.
Lets look at a simple example:
Say you want to manage employee identities. To keep it simple, we have three attributes:
firstName
lastName
department
In this example case it could be f.e. just one single table with 4 columns (the attributes plus an id). But it could also be the much better design, which uses two tables, one user table and one department table, using a 1:1 relation to define the users department.
FIM requires me to consolidate these attributes in one object. It provides a class CSEntryChange which has an AttributeChanges collection member. I would then create some instances of AttributeChange (which basically contains the attribute name und it's value) and add them to the collection. So the user-editable configuration must tell the management agent how it can get the users with all defined attributes from the db and how to create and modify users in that database.
So ideally I'd have an intance of some "MySQLSchema" class (which is configured by the user up front), that could return a List<CSEntryChange> (I wouldn't actually use the CSEntryChange class for the sake of decoupling, but you should get the point) that contains all users in the db (pagination might be a requirement but I can figure that out later). In addition I'd like to able to pass it a CSEntryChange which would result in the corresponding database entries beeing updated (or created if not yet present).
I hope this clear it up a bit more :)
I think that your real question is, "How to access MySQL entities over C#?"
To begin with, I hope you are building this in as a MVC application.
I would suggest sticking to a full Microsoft stack for purposes of learning and ease of implementation.
With this in mind, you will want to create an EntityFramework MySQL data provider in the following steps:
Create a new project and and EntityFramework either through the Nuget package manager UI or package manager console by typing Install-Package EntityFramework -Version 6.0.2 (and add a reference to this project from your web project). Look half way down the page for "Configure EntityFramework to work with a MySQL database".
Install the MySQL provider for entity framework through the Nuget package manager UI or by typing Install-Package MySql.Data.Entity in the package manager console
The next step requires understanding of db configuration changes, that are nicely detailed here - Configure EntityFramework to work with a MySQL database.
You should end up with a nice class structure which will allow you to traverse your entities' navigation properties through EF.
Depending on the level of security your application requires, you may also want to create data transfer objects (DTOs) that contains only the data required for your remote calls - keeping your data calls efficient.
This is by no means a definitive guide on how to do this, but hopefully gives you a start in the right direction.
With regards to your step #1 above:
I could just save a select query that merges/joins the data, so that
the result is a single “table” with all the desired attributes. The
problem with this is that I think I would have to do some kind of
parsing on this query-string to create a fim-compatible-schema out of
it (which is basically the name of the object type (f.e. “person”) and
a list of attributes). This schema needs to be creatable from the
query-string alone without actually executing the query (I could
execute some fake queries if that would simplify the process).
I am slightly confused by this. Are you saying that you want to dynamically update your database schema based application requests?
You can use NHibernate with MySQL, and NHibernate is a full featured ORM, where C# classess maps with your MySQL tables, and the rest will be a breeze, once you get a hang of NHibernate.
A sample is here for your reference.
http://www.codeproject.com/Articles/26123/NHibernate-and-MySQL-A-simple-example
When you use the MySQL Connector/Net you can also use Entity Framework like this example from MSDN:
using (var db = new BloggingContext())
{
// Create and save a new Blog
Console.Write("Enter a name for a new Blog: ");
var name = Console.ReadLine();
var blog = new Blog { Name = name };
db.Blogs.Add(blog);
db.SaveChanges();
}
I have some experience with .NET <-> MySQL communication and I've used Entity Framework in the past for the communication - I had a lot of problems with it and performance issues and soon came to regret using it (this was 1-2 years ago, so may be they fixed it up). Of course, using an ORM framework adds a layer on top of your db communication which in my case proved to be not desired in terms of performance and flexibility.
Finally, I chose to take the following approach:
1) Create models with POCO classes as you would do with Entity Framework. Those models may or may not include relationships - it is up to your preference. I prefer to only add the relationships when I actually need them (so some objects may have their db relationships in the POCO's and some may not). I chose this because it lowers the complexities of when to pre-load the relationships and when not. Basically, if you don't need it - don't add it.
2) Create DAL layer (for example, using the repository pattern) that accepts and works with those objects and fires direct queries to MySQL. No EF required for this - you just need to install the Connector/NET for MySQL and you are ready to go.
A quick example of this would be the following (note: example is of the top of my head and it is just to illustrate the classes. I would use command parameters as well to prevent injection and so on):
public class Person{
public string Name {get;set;}
}
public interface IPersonRepository{
void AddPerson(Person p);
}
public class PersonRepository{
public void AddPerson(Person p){
using(var connection = new MySqlConnection("some connection string"){
connection.Open();
var command = new MySqlCommand(connection);
command.Text = string.Format("insert into Person (Name) values ({0})", p.Name)l
command.ExecuteNonQuery();
}
}
}
The benefits of this approach for me are:
Performance - my application need to insert large amounts of data int MySQL. Entity Framework could not cope with this. If your application doesn't handle a lot of data you might be alright with EF.
Flexibility - writing my own queries allows me to have better control over the communication. You can choose, for example, to use bulk inserts in MySQL (from file - really powerful and fast when you need to handle large amounts of data) for which you will need to bypass Entity Framework. I also found out that EF generates some funky queries
The main drawback is, of course, more work - you will get some things for "free" with the Entity Framework.
So, I can recommend the following:
Consider the amounts of data that you need to handle and make a small exercise application with those amounts. How does EF (or any other ORM) handle it? What about direct queries to the database? That will give you a somewhat accurate idea of how the communication will perform.
Consider how much time you have for building this application - if you are looking for a quick solution and are willing to sacrifice a bit of performance - go for EF or another ORM framework. If you have more time on your hands and would like to make a flexible solution - go for direct queries to the database.
Good luck!
Use Entity Framework Code First.
http://msdn.microsoft.com/en-us/data/jj193542.aspx
It is still a lot of work, but I think this is the quickest approach.
Create a C# classes according to the user and create the DB schema from those classes.
We are developing an ASP.NET MVC Application that currently uses it's own database ApplicationData for the domain models and another one Membership for the user management / membership provider.
We do access restrictions using data-annotations in our controllers.
[Authorize(Roles = "administrators, managers")]
This worked great for simple use cases.
As we are scaling our application our customer wants to restrict specific users to access specific areas of our ApplicationData database.
Each of our products contains a foreign key referring to the region the product was assembled in.
A user story would be:
Users in the role NewYorkManagers should only be able to edit / see products that are assembled in New York.
We created a placeholder table UserRightsRegions that contains the UserId and the RegionId.
How can I link both the ApplicationData and the Membership databases in order to work properly / having cross-database-key-references? (Is something like this even possible?)
All help is more than appreciated!
In my opinion, you should be able to integrate your database with the standard aspnet_db reliably, but I would advise against duplicating or replacing the aspnet_users table.
That is the focal point of all the providers that use the aspnet_db schema, including custom providers that may augment but do not implement custom replacement.
To maximize reuse of strong tested infrastructure code in the provider stack/API it is best to go with that flow.
You will want to be very attentive to any modified membership core functions and ensure that the way your new constraints behave in an expected fashion in each case.
The facet of the membership story that I have found needs the most attention is deleting a user, and a simple modification/addition to the delete user sproc can manage this capably.
It sounds like you might need to create your own customized Membership Provider. You can probably (not positive here) extend the existing one so you don't have to completely reinvent it. Here is a video from ASP.net that describes how to do that. Google "asp.net membership provider" for tons more.
You can try rolling your own membership or just extend is like Dave suggests.
Create your own [Users] Table which can be populated based off the aspnet_Membership table. So therefore you could have more control over it.
You could also just implement a more involved Profiles system. The .NET team has improved the way profiles are stored now, so instead of "blobicizing" them, you can set them up to be stored in an actual table now [thank god].
Table Profile Provider
If you find the right articles, it's really easy to extend the membership provider to allow for extra functionality. I've moved my users table to my main SQL server table and have written my own role manager that gets values from a separate table. What it sounds like you need to do is to set up a table in your users DB with the location of each user, then create a method on the user object something like "GetLocation()" that returns the user's location from the DB, you could then user that to filter your data from your main DB. Here's a few articles I had kicking aroundin my bookmarks, see if they help, if you have a look on the main ASP.NET site or google for membership provider extending articles, there are plenty around.
http://msdn.microsoft.com/en-us/library/ms998347.aspx
https://web.archive.org/web/20211020202857/http://www.4guysfromrolla.com/articles/120705-1.aspx
http://msdn.microsoft.com/en-us/library/aa479048.aspx
As the others have pointed out there are many good resources available that can help you with creating your custom provider using the existing database.
It looks like you are headed in the right direction with mapping tables. I think the one piece you are missing is Distributed Queries. This link is specific to Sql Server 2008. There is a link there to the documentation for Sql Server 2005 if that is what you are using.