I need help with something that I messed with.. I customized the default identity in Asp.Net, I changed the names of the tibles and the type of the user (from string to Guid). When I override the Id of my User I receive errors with the UserManager (for registration) and with SignInManager (for log in). I didn't find a way to change their implementation...
If I don't override the user Id, I get 2 Ids when an User is created - a new Guid that's needed and another with value "00000000-0000-0000-0000-00000000000"
How can this issue be solved?
Related
I have followed on from the following answer here: How to extend IdentityUser with custom property
My variables I have added (following the above answer) are:
int numberID
string fullName
This is built upon the default Visual Studio 2017 ASP.net Web Application selected with options Web API and Individual User Accounts Authentication.
I am now trying to read the current value of both numberID and fullName of the current user inside the ValuesController of the project.
I have tried doing
var currentUser = System.Web.HttpContext.Current.User.Identity.GetUserId();
var currentnumberID = currentUser.numberID;
But am having no sucess with the last line of code.
I have also used User.Identity.GetUserName() and was wondering if there was a way to access my new variables WITHOUT creating a User Identity Extension?
OR
Better yet, with my Web API app what is the best way to add additional variables / fields for the user. Ie I would like to add both fullName and numberID associated to each user and be able to access these in my Web API controllers (eg call for current user and list the variables associated to the current user). I am beginning to think I have taken the wrong road by trying to use UserIdentity.
EDIT
Ended up biting the bullet and following the very easy approach here: How to Get Custom Property Value of the ApplicationUser in the ASP.Net MVC 5 View?
of adding a User Identity extension. Previous answers seemed complicated but that answer was simple and works!
The problem is that you are reading UserId and treating it like User object.
You need to use UserManager, to get the user User object. Inside controller's action method, you have access to UserManager, so you can simply use it:
var currentUser = UserManager.FindById(User.Identity.GetUserId());
If you are not inside controller's action method, then you need to get the UserManager from HttpContext:
var UserManager = HttpContext.GetOwinContext().GetUserManager<ApplicationUserManager>();
I have a project in MVC. I would like to save a variable and have it accessible as long as the user is logged in, to get it or set it.
The reason for this is that the application uses the information I would put in there, to get data. I now need to add admin functions so an admin can see more then only his own results, and therefore I would need to change this ID, depending on what result he wants to see.
I have tried using a session, but the problem I have with that is that when the user closes the website, and at a later time returns, he is still logged in, but the session variable is null.
I also tried to add a property to my base class. I was able to set it, but when I tried to get it in a different controller, the property was null as well.
What is the best/fastest/correct way to do this? I would prefer to not use the database for this, if possible.
What you are looking for is a "Session". On login you can just do
Session["Key"] = "Value";
And on logout you can empty the field
Session["Key"] = String.Empty;
You can read more about sessions here: https://msdn.microsoft.com/en-us/library/ms178581.aspx
I have successfully created custom users and roles within the Asp.Net Identity framework, however one section which is lacking is support for the 'Roles' collection within a User. I added a logical 'Deleted' flag within a UserRole and I want this to be included when EF retrieves the info from the database, however all it does is retrieve everything (which isn't what I want). Senario:
User A has a Role of 'admin' (non-deleted)
I then add a Role of 'super-admin' and then delete 'admin'
If I then access my version of IdentityUser (which has the 'Roles' ICollection - custom type) I still see the 2 roles (1 deleted, 1 not)
What I want to happen is on login (using mostly default functions with various sections overridden), when EF retrieves the data it should know to exclude any row which is flagged as deleted, however I have been unable to find any method of doing this. Because all the boilerplate code is locked, I cannot easily see what is happening or find any logical place to override this functionality.
Can anyone help with this?
You could just scan the roles after login and remove them with code similar to this:
var roles = UserManager.GetRoles(userId);
foreach (var roleName in roles)
{
var role = RoleManager.FindByName(roleName);
if (role.IsDeleted) UserManager.RemoveFromRole(userId, roleName);
}
What would be the easiest way to get AD user object properties via a webform based on user input?
To elaborate a bit more this is what I would need:
User enters input to an input field (Employee number - we store it as an extension attribute in AD)
On button click the form returns additional user object properties of the account (such as sAMAccountname, Manager) and displays it on the page (preferably)
I also need to have these properties converted to variables the form can use to pass on to another page sending an e-mail with the retrieved information.
We're using asp for our webforms. So far we only needed to pass user input directly to the mail sender, but this one seems more tricky.
Appreciate any help, thanks!
If you're on .NET 3.5 and up, you should check out the System.DirectoryServices.AccountManagement (S.DS.AM) namespace. Read all about it here:
Managing Directory Security Principals in the .NET Framework 3.5
MSDN docs on System.DirectoryServices.AccountManagement
Basically, you can define a domain context and easily find users and/or groups in AD:
// set up domain context
using (PrincipalContext ctx = new PrincipalContext(ContextType.Domain))
{
// find a user
UserPrincipal user = UserPrincipal.FindByIdentity(ctx, "SomeUserName");
if(user != null)
{
// display the various properties of the "user" object in your web page
}
}
The new S.DS.AM makes it really easy to play around with users and groups in AD!
I'm using asp.net Membership, I develop an admin page who can regenerate a temp password to send to the user, then when the user log on for first time, the password must be changed, but I cant figure out who to know if the password was reseted.
I tried something like in a base controller:
if (user.LastPasswordChangedDate >= user.LastLoginDate)
{
filterContext.Result = RedirectToAction("ChangePassword", "Account");
}
But, I already have updated the LastLoginDate because the ChangePassword Action need to be with a autenticated user.
I was thinking when reseting the password to lock/unlock the user to get updated the "LastLockoutDate" and do:
if (user.LastPasswordChangedDate >= user.LastLockoutDate)
{
filterContext.Result = RedirectToAction("ChangePassword", "Account");
}
But, I can't find a method to do manual lockout
Thanks!!!
There's a lot of things you could do, some would depend on how your system works. For instance, you could store a specific piece of data in the Comment field, if you're not using comments.
Or, if you don't use the "Approved" bit (that is, when you create new users you do not require them to validate an email or something, but instead create them with IsApproved set to true) then you can set IsApproved to False and force a password change if it's false.
There is no method to access much of this data in the Membership API, you just have to access it from you database.
You could also store this in the Personalization provider.
Another option is to simply avoid storing this in the Membership database, and instead just add a table or a field in your apps data to deal with this.