I am using nopCommerce 3.50. And trying to make it a multi storied. Every user signup here will have there specific e-commerce like nopCommerce.
Main features I have to focus is:
Every user(store owner(1 store/user)) will have their own subdomain.
user's will have full control on their store.
They can change theme or configure any settings as an admin of
NopCommerce can.
So what I am thinking to do is:
Create a new project(mother project).
Link One NopCommerce Solution with it.
when a user signup there, they create a new database as nopcommerce.
Name database uniquely for the user.
store db name and all user info in mother project.
When user sign's in, get the user db from mother db and set the path to nopCommerce Solutions db-path.
when a user logs in, user is redirected to a subdomain.
and loads the respective database for the user using same server-side and client-side code.
Is it possible or there is any other better way to do this?
I am designing an online store.
Currently I am using AspNetSqlProfileProvider & Simple Form authentication to implement my Cart which works completely fine!
But the problem occurs while the anonymous user signs up and a new profile is created. Then the old cart content (as anonymous user) is not migrated into the new profile.
Based on this link I used Profile_OnMigrateAnonymous event in global.asax in order to transfer Profile Data from the Anonymous User Profile to The Registered User Profile.
As I searched for this issue I found that CommonProfile is not accessible within the Web Applications, so I cannot use Profile.GetProfile(args.AnonymousID)
Besides, I don't want to use ASP.NET MembershipProvider.
So, how am I supposed to get data from AnonymousID?
I built my own authentication system, that basically check if a email and password exist in a table, and if they do, some values are stored in session state like id of the user and etc. I 'd like to know if I can use a web.config file in a folder to prevent undesired users from accessing sections of the site that they shouldn't. I am just asking ]if it is possible.
after a long search on google I found the answer. Use Formsauthentication.setauthcookie And the feature works as if you were using a login control.
I am new to MVC and actually new to web development all together. I have about 7 years of development experience but in services, database, object models, etc.. basically middle-tier and back-end development. I am trying to learn ASP.NET and decided to build a site using MVC3 for a personal site for myself. I will be hosting this from an account at dotnet-hosts.com. Here is my question... I don't have a domain and I will be using the built in membership provider. I noticed in the auto generated code that was created when I added the project template that in the AccountController in the method ChangePassword (ChangePasswordModel model) there is this line of code...
MembershipUser currentUser = Membership.GetUser(User.Identity.Name, true /* userIsOnline */);
My question is specifically around User.Identity.Name, this looks like it would be returning the Windows user name just like Environment.UserName would. The Visual Studio template I used is the (Mobile Ready HTML5 MVC.NET) as I want to be able to support clients from any device...Windows PC, Apple, Windows Phone, iPhone, etc... If the call to User.Identity.Name is correct then I would like to ask how does this work on devices that are not Windows like an iPhone? If my assumption is correct that this will only work for Windows computers with a domain then how can I achieve this? would I need to perhaps use some caching? If so could I maybe grab the user name and their IP address to be used as the cache key from the Authentication page?
My high level question is... How do I get the current logged in user's userName regardless of the device/platform? I know this question is probably not written well and may be hard to understand... I apologize for that. I am new to web development and trying to get my feet wet and would like to start to the latest technology.
The call is correct. The User.Identity.Name is filled out by whatever authentication provider is in use - Windows authentication, Forms authentication, some custom authentication provider, or whatever. It isn't bound to a specific user "type". The authentication provider has the responsibility of making sure the Identity object corresponds to the current user on every request. Usually that part is taken care of using a combination of cookies and database.
The MVC template (although I haven't had a look at the template since MVC 2) uses ASP.NET's Membership class, which in turn uses a membership provider - for example SqlMembershipProvider or ActiveDirectoryMembershipProvider - the former stores your users' credentials (username and password etc.) in an SQL Server database, the latter uses Active Directory (i.e. primarily Windows logons). SqlMembershipProvider is the default, and MVC is set up to use a local SQLExpress database file as its user store.
The authentication provider that's implemented in the template project uses FormsAuthentication, which does the login procedure through a simple HTML form (the one in the LogOn view) and keeps the user signed in by way of an encrypted cookie. Works on any platform.
The setup for both FormsAuthentication and SqlMembershipProvider can be found in web.config (the one in the root of the site). There you can find the connection strings for the SQLExpress database (and e.g. change them to use a "real" SQL Server if needed), the timeout for logins etc.
(Note that you can do a lot of that configuration easily in a GUI through the "ASP.NET Configuration" button in the toolbar of Solution Explorer in Visual Studio - it also provides an easy way to set up the first users).
In short, it's all ready to go - and doesn't lock out non-Windows users.
Like you said User.Identity.Name is indeed correct. for returning the logged in users name. But the membership section like you said, provides only windows accounts. You can use similar without the user of windows accounts, to work in every scenario, and can still verify against windows if present. If you call it without membership, and follow the default MVC3 template it should work fine.
String Username = User.Identity.Name;
When you log on, using the template MVC3, it creates an authcookie. See account controller code. Here, two parameters are passed into it. The username, and to persist (when browser is closed - login is still cached).
The username is a string field, which is what is called by User.Identity.Name and infact, anything can be put into it, and is not in anyway linked to Windows login.
You could test the login via method you desire, and if yes, set a cookie using the authcookie method. (its encripted). And set the username to what ever you want. And if your verification of the user fails, dont create one, and redrect back to page.
See the example code. This is all from memory, as I dont have code infront of me for reference. But its all in the account controller, Login Action.
When the cookie is set, The users login state is cached for the session. You will need to ensure the user is logged in when visiting a webpage. Otherwise loggin in will be pointless. This is a simple attribute on the controller/action.
Note: dont do this to the Account/logon controller, as you wont be able to visit the logon page, as you are not logged in.
[Authorize]
public ActionResult DoSomething()
{
// ...
}
Hope I have helped.
My project has a Guest folder and an admin folder.
Guest has a guest1.aspx page and admin has admin1.aspx page.
Now I am trying to figure out a login control which will check the role of the user and send them to the respective pages accordingly.
The names are not in the database or the active directory...
These names are on the windows 2003 server...
So I need to check from the server if the user exists and what is its role in it..
what is the best way to achieve this... please any suggestions...
this is very important for me
any help is appreciated
thanks
#John_ Let me explain
Suppose there is company which has 10 employees and one administrator.. the company has a server and these employees are on the same domain. So the admin can add that machine to the server or delete it.. now every machine has its username password and domain.. i want my gui to use the same credentials to log into the gui and send them to the respective pages according to the role..
In the LoggedIn event check the roles of the user and use the DestinationPageUrl property of the Login control to redirect to the proper page.
You can find some examples of checking the active directory group that the user is a member of here: http://www.codeproject.com/KB/system/everythingInAD.aspx#38