MVC Membership & Profile Strategy

0
votes

Bear in mind, I have researched this and have found several articles, however, they are mostly old (like from 2008) so I am wanting more recent information pertaining to the latest version(s) of ASP.NET MVC.

I am using the Membership built-in thing to provide user registration, login and roles.

I want to use the profile functions, too.

I don't know how to create a profile and I can't find any articles on how to do this in MVC 3. I found one using MVC 2, maybe it's the same, but I want to use the latest available methods.

Can someone show me a step by step solution to creating a profile?

I am considering using my own membership classes + forms authentication. That way, creating profiles is as simple as assigning a foreign key...

What's the experts' opinion?

Please provide your answer in VB and not C# (I don't know why everyone writes me stuff in C#).

Thanks.

Edit: Here is my Register function:

'
' POST: /Account/Register

<HttpPost()> _
Public Function Register(ByVal model As RegisterModel) As ActionResult
    If ModelState.IsValid Then
        ' Attempt to register the user
        Dim createStatus As MembershipCreateStatus
        Membership.CreateUser(model.UserName, model.Password, model.Email, Nothing, Nothing, True, Nothing, createStatus)

        If createStatus = MembershipCreateStatus.Success Then
            FormsAuthentication.SetAuthCookie(model.UserName, False)
            Return RedirectToAction("Index", "Home")
        Else
            ModelState.AddModelError("", ErrorCodeToString(createStatus))
        End If
    End If

    ' If we got this far, something failed, redisplay form
    Return View(model)
End Function
1
asp.net-mvcvb.netasp.net-mvc-3asp.net-membership
The good reason for all these articles being old, is that nothing has been changed with membership, role and profile providers in ASP.NET since version 2. - Steen Tøttrup

1 Answers

1
votes

Personally, I would recommend against using the SQL Profile Provider (which is what you are using). Nothing has changed with profiles since MVC2 (or, for that matter, since it was introduced in webforms with .NET 2.0).

The reason is this: Profile data is stored as XML in the database, which makes it very difficult to use profile data outside of your app (meaning in a pure SQL query).

You're probably much better off creating profile fields in your database directly. This way you know which table / column the data is coming from, and can create views if you need to. Otherwise, you would have to parse a table column's XML to extract the profile data (which is what the ProfileCommon does in .NET).

Reply to comments

First of all, I was wrong about the property name. It is ProviderUserKey, not ProviderKey. However unless you want to store profile properties for anonymous users, you could just as easily use MembershipUser.UserName as your FK value, since it will also be unique.

[HttpPost]
public ActionResult Register(RegisterModel model)
{
    MembershipCreateStatus createStatus;
    var membershipUser = Membership.CreateUser(model.UserName, model.Password, 
        model.Email, null, null, true, null, out createStatus);

    if (createStatus == MembershipCreateStatus.Success)
    {
        var providerKeyObject = membershipUser.ProviderUserKey;
        var providerKeyGuid = (Guid)membershipUser.ProviderUserKey;
        // Use providerKeyGuid as a foreign key when inserting into a profile
        // table. You don't need a real db-level FK relationship between
        // your profile table and the aspnet_Users table. You can lookup this
        // Guid at any time by just getting the ProviderUserKey property of the
        // MembershipUser, casting it to a Guid, and executing your SQL.

        // Example using EF / DbContext
        using (var db = new MyDbContext())
        {
            var profile = new MyProfileEntity
            {
                UserId = providerKeyGuid, // assumes this property is a Guid
                FirstName = model.FirstName,
                LastName = model.LastName,
            };
            db.Set<MyProfileEntity>().Add(profile);
            db.SaveChanges();
        }

        // you could get the profile back out like this
        using (var db = new MyDbContext())
        {
            var profile = db.Set<MyProfileEntity>().SingleOrDefault(p => 
                p.UserId == (Guid)membershipUser.ProviderUserKey);
        }
        FormsAuthentication.SetAuthCookie(membershipUser.UserName, false);
        return RedirectToAction("Index", "Home");
    }
    return View(model);
}

Here is an example using the UserName instead of the ProviderUserKey. I would recommend this approach if you are not storing profile info for anonymous users:

[HttpPost]
public ActionResult Register(RegisterModel model)
{
    MembershipCreateStatus createStatus;
    var membershipUser = Membership.CreateUser(model.UserName, model.Password, 
        model.Email, null, null, true, null, out createStatus);

    if (createStatus == MembershipCreateStatus.Success)
    {
        // Example using EF / DbContext
        using (var db = new MyDbContext())
        {
            var profile = new MyProfileEntity
            {
                // assumes this property is a string, not a Guid
                UserId = membershipUser.UserName,
                FirstName = model.FirstName,
                LastName = model.LastName,
            };
            db.Set<MyProfileEntity>().Add(profile);
            db.SaveChanges();
        }

        // you could get the profile back out like this, but only after the 
        // auth cookie is written (it populates User.Identity.Name)
        using (var db = new MyDbContext())
        {
            var profile = db.Set<MyProfileEntity>().SingleOrDefault(p => 
                p.UserId == User.Identity.Name);
        }
        FormsAuthentication.SetAuthCookie(membershipUser.UserName, false);
        return RedirectToAction("Index", "Home");
    }
    return View(model);
}