I have a newly created ASP.net MVC3 project with all the defaults. I am using the approach to build the database. I come from a PHP background and this is my first attempt at a ASP.net project.
I created a new model called "posts" and I want to link it to the built in accounts/users system that came with the default project.
Only signed in users can add posts, and I want to know what user added what post. I want to link the posts to a single user.
In PHP I would create a FK in the posts table to the users table "posts_id" and when a user adds a new post I would fill in that field with the users's id. But there does not seem to be a ID field in the account model.
Questions
How do I link a model to the default account system build in to ASP.net MVC3 using code first approach?
How do I query for user fields from a view in the post controller?
Links to a tutorials would work for me.
Thanks
FKs like posts_id is a database style reference. The object oriented way of representing that data is by giving the Account object a ICollection<Post> and by giving each Post object an Account reference field.
E.g.
public class Post
{
public Account Account { get; set; }
...
}
As for retrieving this data, I would suggest a repository-style service class which would be responsible for saving/loading objects to & from the DB. I am not sure exactly how the Account records get persisted in the template MVC app so I can't say how it would tie into that data. I have always used my own User DB table and thrown away all that build in Microsoft account stuff.
Good luck!
Related
Use case
I am creating an e-commerce website where i need two different login page
For Customer
For Vendor/Retailer
For customer i am storing it in AspNetUsers table but i want to create logic for vendor table
My Question
How can i acheive two logins
I want to create one more table for vendor and create session to login and logout.
Can anyone give me the reference or any proper documentation which i can follow
Thanks.
Look into extending the aspnet-identity models. I added my own fields to the identity tables and customized the solution - I need 9+ different roles etc.
It's a lot of work, but I feel it was worth it in the end.
See this for more information : https://learn.microsoft.com/en-us/aspnet/core/security/authentication/customize-identity-model?view=aspnetcore-5.0
I think you should be able to kinda achieve something like this if you use "Azure AD B2C" as an online Login provider.
It is possible to create different login pages with different data that you gather. For example:
Customer: Name, Age, Address, etc...
Retailer: Company Name, Address, etc...
For the first 50000 logins/month it is completely free.
Some useful resources on how to get started are:
https://www.youtube.com/watch?v=lqfsKtoLHMQ
https://learn.microsoft.com/en-us/azure/active-directory-b2c/overview
I use asp.net WebAPI to provide the service.But I found to explore the id of the entity(Resources identity ) is not a good idea.
eg. if you pass your UserProfile ID to get user's profile. because the id is auto incremented in DB, if someone iterates the Ids to get the others' profile, it will make the users' profiles to leak.(maybe you suggest to use GUID, But int type id has better performance)
So I want to encrypt the IDs with time in WebAPI filters. Is there a good demo for this?
Update: don't confused by User demo. If you have products. first you get the products list,then you will get product detail by product id . How to proect product id.
You shouldn't hide the id's but you can control it with roles. Return resource with different amount of properties based on who's requesting.
If it's anonymous call, maybe don't return anything or return only data which is public and can be seen by anyone any way.
If it's logged in user, maybe he can see more data about other users.
If it's admin who is requesting that information, he can see even more data.
If the user is requesting information about himself, even more data.
Now maybe it would be better to have different endpoints for different level of access so that it's easier to define and document your api, for example for user to get his own information, it would be /user/me.
I'm developing a jQuery website that will display a single record from my Azure Table Storage (ATS) account. I don't want to use jQuery to directly access the table, since that would require disclosure of my ATS account name and key in the jQuery code. I've tried to find a simple C# web service example project that would be the interface, but everything I can find is much more complicated than I need.
This web service will need just one API that jQuery will use: it will be passed two strings: the Partition Key and the Row Key for ATS, which will exactly match with an existing record in ATS. The result returned will be a string that jQuery will convert using JSON.parse() after it is received. If no record is found with the Partition and Row Keys passed in, an empty string should be returned.
If you know of an example of a simple C# web service that I could use as a starting point, I would greatly appreciate a link to it. It's been many years since I developed with C#, and the complicated nature of the table service API with all the associated crypto, hashing, signatures, etc. have left me confused.
Edit: I now realize that maybe both my jQuery code (providing the web UI) and the C# (providing the ATS interface) might work together in one .NET solution. I'm currently running the jQuery UI app standalone in its own .NET solution, due to my path of fumbling around trying things out.
I don't want to use jQuery to directly access the table, since that would require disclosure of my ATS account name and key in the jQuery code.
It seems that you do not want jQuery client directly make a GET request to query entity via table service Rest API, and you’d like to create a backend service for querying entity in table. As maccettura mentioned in comment, you can create a ASP.NET Web API project and do Query Entities operation in controller action.
[Route("queryentity/{pk}/{rk}")]
public CustomerEntity Get(string pk, string rk)
{
//you can install [Azure Storage Client Library for .NET](https://www.nuget.org/packages/WindowsAzure.Storage/)
//and then create a retrieve operation and pass both partition and row keys to retrieve a single entity
//TableOperation retrieveOperation = TableOperation.Retrieve<CustomerEntity>(pk, rk);
//or
//make [Query Entities](https://learn.microsoft.com/en-us/rest/api/storageservices/query-entities) operation as you did
return myCustomerEntity;
}
I've been Googling this for about 30 minutes now to no avail. It seems like it would be straight forward. But basically, I'm creating a new user via code by Memebership.CreateUser(...). I need to set the user's address, city, state, etc. I would imagine this would be the user's profile. Is there not a .NET wrapper (like Membership) that I can use to do this? How in the world do I set this information?
You should configure a ProfileProvider in your web.config.
Later in your code, you could create a Profile for that user, and set the properties needed (Name, Address, etc.).
Here is a tutorial by Scott Mitchell, on ASP.NET's Membership, Roles, and Profile
There are different implementations of Profile Providers, also you can do one yourself.
I suggest you to try Sql Stored Procedure Profile Provider or Table Profile Provider.
The framework provides SqlProfileProvider. You can read it in the link provided.
It says "After defining your Profile properties, the ASP.NET engine automatically creates a ProfileCommon class that has properties that map to the properties defined in Web.config (which allows for IntelliSense and compile-time type checking). This class is dynamically recreated whenever the properties defined in Web.config are modified ..."
"The custom ProfileCommon class is accessible in the code portion of an ASP.NET page through the HttpContext object's Profile property. For example, to read the currently logged on user's HomepageUrl property from an ASP.NET page, simply use Profile.HomepageUrl..."
But using SqlProfileProvider is not a good implementation, as it saves all custom properties, such as address, phone, etc, in two columns in a single row. That's why I suggested investigate Stored Procedure or Table Profile Provider.
You can create an another table and use foreign key as UserId i.e. UniqueIdentifier and same used in aspnet_Users table.
Using the UserId you can manage all membership tables with this new created table.bcoz asp_net_membership table already linked with aspnet_user table.
When the status of membership create user will be success, then create a row in newly created table..
ASP.NET MVC3 newb here.
I am working on a MVC3 intranet application that uses windows authentication. Windows auth is setup and ready to go no problem.
What I need to happen is to capture the username (Domain\first.last) whenever a user accesses the app for the first time and then store that information into a database and associate that name to a another unique identifier (numeric and auto-incremented).
I already found a way to get the username:
string user = WindowsIdentity.GetCurrent().Name;
What I am having an issue with is taking that variable and storing it in my database.
Any suggestions, hints, tips or nudges towards helpful resources are greatly appreciated.
Apologies if this scenario was posted elsewhere, if it was then I was unable to locate it.
Cheers Guys!
Be careful - user names and display names can change. I would avoid storing them in the database.
Instead, look at storing the SID (id of the user). The User property of the WindowsIdentity returns the SID. You can store and update the user name for display purposes but don't rely on it for typing the authenticating user back to the previous user in your DB.
See this SO post as well:
How can I get the SID of the current Windows account?
Persist the SID (along with username for display only) and look up via SID.
I think what you are looking for here is really 'how to store some info in a database'
What database system?
Check out
http://www.datasprings.com/resources/articles-information/a-quick-guide-to-using-entity-framework
You can easily use the entity framework to store that value in the database which is what I think your question was really about. I do agree with Bryanmac though, you should be storing the SID not the login name in case the name changes. If you know it will NEVER change then you could store the name, but since they can technically change in Windows, I'd be aware of this.
If you have a specific question then on how to store that field using the Entity Framework, please post that.
When you create your MVC3 application, there is an option for "Intranet Application" that has all of the Windows Authentication stuff working already, you might want to check that out and pull over pieces of the code for your current project (or migrate what you have depending on how far you are).
It has some special code placed into Web.Config as well as the extra files it creates.
Read more here:
http://weblogs.asp.net/gunnarpeipman/archive/2011/04/14/asp-net-mvc-3-intranet-application-template.aspx
and here:
http://msdn.microsoft.com/en-us/library/gg703322%28VS.98%29.aspx
Also you'll want to use User.Identity.Name to reference the person viewing the website.