How to extend/customize MVC4 Internet Application WebSecurity/SimpleMembership

3
votes

I've been trying my best to search for more information on how to modify/extend/customize the default membership system available in MVC4 Internet Application (EF 5 Code First) in Visual Studio 2012 Express.

I would like to know how to implement email verification such that when a user registers an email is sent with an activation link. When they click on the link their account is activated and they can log in using their username or email.

I would also like to know how to implement simple Roles for registered users by assigning a default role during registration.

Similar Questions: How do I manage profiles using SimpleMembership?

How do you extend the SimpleMembership authentication in ASP.NET MVC4

But I would really like to work with the existing simplemembership system.

This post is quite close: http://blog.longle.net/2012/09/25/seeding-users-and-roles-with-mvc4-simplemembershipprovider-simpleroleprovider-ef5-codefirst-and-custom-user-properties/

I've also seen this post: http://weblogs.asp.net/jgalloway/archive/2012/08/29/simplemembership-membership-providers-universal-providers-and-the-new-asp-net-4-5-web-forms-and-asp-net-mvc-4-templates.aspx

This is the closest I've found so far: http://weblogs.asp.net/thangchung/archive/2012/11/15/customize-the-simplemembership-in-asp-net-mvc-4-0.aspx

This is also useful but for WebPages: http://blog.osbornm.com/archive/2010/07/21/using-simplemembership-with-asp.net-webpages.aspx

I was hoping to find a more comprehensive walk-through on the proper way to extend it.

1
asp.net-mvc-4securitysimplemembership
Do you still need an answer to this question?Komengem

1 Answers

1
votes

It does not look like you got any answer.

Unless I do not fully understand what you want to do, there is no need to modify/extend/customize the default SimpleMembership to provide an email registration mechanism, or assign a default role during registration, as all of this can be done inside AccountController.

As an example, here is a register method I am using:

    [HttpPost]
    [AllowAnonymous]
    [ValidateAntiForgeryToken]
    public ActionResult Register(RegisterModel model)
    {
        if (ModelState.IsValid) //TODO Change this to use a worker to send emails.
        {
            // Check if email exists already before creating new user
            using (UsersContext db = new UsersContext())
            {
                UserProfile email = db.UserProfiles.FirstOrDefault(u => u.Email.ToLower() == model.Email.ToLower());
                UserProfile uName =
                    db.UserProfiles.FirstOrDefault(u => u.UserName.ToLower() == model.UserName.ToLower());

                // Attempt to register the user
                try
                {
                    if (email == null && uName == null && this.IsCaptchaVerify("Captcha is not valid"))
                    {
                        bool requireEmailConfirmation = !WebMail.SmtpServer.IsEmpty();
                        string confirmationToken = WebSecurity.CreateUserAndAccount(model.UserName, model.Password, new
                        {
                            FirstName = model.FirstName,
                            LastName = model.LastName,
                            Email = model.Email                               
                        },
                        requireEmailConfirmation);
                        if (requireEmailConfirmation)
                        {
                            EmailViewModel eml = new EmailViewModel
                                                     {
                                                         ToEmail = model.Email,
                                                         Subject = "Confirmez votre inscription",
                                                         FirstName = model.FirstName,
                                                         LastName = model.LastName,
                                                         Body = confirmationToken
                                                     };

                            UserMailer.ConfirmRegistration(eml).SendAsync();

                            Response.Redirect("~/Account/Thanks");                            
                        }
                        else
                        {
                            WebSecurity.Login(model.UserName, model.Password);
                            Response.Redirect("~/");
                        }                           
                    }
                    else
                    {
                        if (email != null)
                            ModelState.AddModelError("Email", "Email address already exists. Please enter a different email address.");

                        if (uName != null)
                            ModelState.AddModelError("UserName", "User Name already exists. Please enter a different user name.");

                        if (!this.IsCaptchaVerify("Captcha is not valid"))
                            TempData["ErrorMessage"] = "Captcha is not valid";
                    }

                }
                catch (MembershipCreateUserException e)
                {
                    ModelState.AddModelError("", ErrorCodeToString(e.StatusCode));
                }
            }
        }

        // If we got this far, something failed, redisplay form
        return View(model);
    }

There is no default role assigned here, but it would be easy to add once EmailConfirmation is validated.

As the question is quite old, I hope it help someone!