How to Implement Individual Accounts without Registration in ASP.Net MVC - asp.net

I'm wanting to test ASP.NET MVC for a new project. One of the requirements is not allowing users to register themselves. When I select individual accounts in the MVC project type, it does not allow for the elimination of the registration option.
Is it possible to create an individual account project without the user registration portion? Do I need to roll my own custom classes? If so, what? I've looked for similar answers, but cannot find any without an already deep discussion and assumption that I am already familiar with libraries involved.
Thank you for any help.

Related

Asp.Net Webforms: Using Identity roles upon registration

*Solved.. Figured it out on my own.
Alright, I've searched and searched and even checked out the similar questions here. None of them are getting me what I need.
I currently have a Web Forms application that is using Identity. Right now I am trying to allow someone who is registering to choose from two different roles. One is Event Manager and the other is Data Entry.
I'm currently teaching myself .Net and using Web Forms. I see a lot of MVC references (I need to learn next) but since I don't know MVC yet it's hard to follow, especially since I'm just beginning. I already played with the Wingtip Toys tutorial that created an admin role into the programming, but how can I get this to work on the register page?
Is there anyone who can just point me in the right direction of where to start? Any good tutorials.

ASP.Net identity framework as a form of authentication?

I am a little confused as to how the identity framework works. For example in VS 2013 we can create an MVC application that the authentication is individual user accounts. Once we create it we can register with a username and password. But what if we wanted to have also a DOB in the registration or some other fields such as email or phone etc? Can we do this with the identity framework? What about the way the data base is structured, can we have a custom structure? Or if I want this should I be using forms authentication? Also what is the difference between the Identity framework and Forms authentication in terms of authentication?
Although your post has already been marked as answered, I’d like to add a little more info for future readers.
The first thing we need to understand with VS and Microsoft is that they’ve always tried to provide us with Templates to help us get started. There are many Pros and Cons to using Templates but the idea is that it gets you started quickly without having to manually include stuff yourself.
The idea of Templates is great but to the untrained eye, it provides Microsoft an opportunity to include stuff that THEY think you’ll need or better yet, what your application will need.
This opportunity includes promoting products such as Identity, Knockout.js etc...
In short, Microsoft is not wrong in doing that since the majority of the people do not second guess what is included in their project and because they…well…trust Microsoft.
A great analogy is when you purchase a new computer from a major retailer. When you arrive home and start your computer, you quickly notice that you have a bunch of pre-installed software running in the background (that you never asked for).
To the untrained eye, they will never realize that these are running in the background and their computer will work regardless. But for someone that is aware, he will most likely uninstall all of them and have a cleaner plate.
So Templates are similar to this...
As for the rest of your questioning, I’m sure by now you’ve found the answers.
Even though Microsoft sells ASP Identity as a single solution, Forms Authentication and Identity (Membership) are two distinct frameworks that work together, but serve different purposes:
Forms Authentication manages authentication session/cookies.
Membership/Identity is the store for user information (credentials, user demographics, etc.)
Look here for some additional information and links.

Moving an asp.net application to membership model

I have used asp.net so far to create personal web applications, for example, an application where I maintain to-do tasks in an MS SQL Server database or a customer management and support system. I use the basic authentication via web.config where I can create another user who can look and work with such a database, but then all the data is shared between him and me.
But now I want to convert this application into a membership model where a user signs up and will get to use his own personal list of to-do tasks. I can think of the following approach. Please correct me if I'm wrong on some point or if I have missed something.
Steps:
Add a membership user table and use the primary key of this table to access other tables where I will need to add this column, the to-do list in this case.
Next, I will need to write the Login, Signup and User management logic to maintain the user table. Here, I was hoping to find some working samples but all searches give me only ASP.NET MVC membership samples. I don't want to use MVC because I am using third-party asp.net components. As far as I know I can not use MVC with those components. Any links to ready made samples similar to MVC but for asp.net?
I also want the users to be able to login with their google id, dropbox id, etc. Is this possible while having my own login/signup? How does user table change then? Is the Email Address the only data to link up all these things? For example, if someone logs in with google id, I authenticate using Google oauth 2 API but use the email address as the data to add or locate that user to give him his data tables. I'm confused on how this kind of user table looks where all kinds of logins are possible along with a custom one. Any ideas?
http://www.shiningstar.net/ASPNet_Articles/SqlMembershipProvider.aspx
This should help talk you through what you need to do.
I got the exact solution that combines membership with oauth and is built into ASP.NET 4.5. What is more, there is a video that demos it all!
http://www.asp.net/vnext/overview/aspnet/oauth-in-the-default-aspnet-45-templates

ASP.Net Web Forms Entity Level Access Control

I have an ASP.Net Web Forms application in which I'm using forms-based authentication with Membership and Role providers, which is fine for authenticating and controlling access to directories and/or files. Now I find myself needing to control read, write and delete access on individual entity instances, for example being able to update or delete an instance of a customer. I've been trying to think of a good way to implement this but I don't really know where to start. I read about the Authorize attribute in ASP.Net MVC and thought it would be nice to have something analogous--decorating methods the way you can controller actions in ASP.Net MVC. I don't know of any out of the box way to accomplish this in the Web Forms world though, and don't know of any frameworks or other tools that might help me move in that direction. Any suggestions, both in terms of existing solutions and/or how to design my own implementation would be greatly appreciated.
The easiest way is to demand that the user is a member of the role(s) required for the method in question with PrincipalPermissionAttribute.
[PrincipalPermission(SecurityAction.Demand, Role="Supervisor")]
[PrincipalPermission(SecurityAction.Demand, Role="Owner")]
public void DeleteSomething() {...}
Note that this means Supervisor OR Owner can DeleteSomething().
I don't think "PrincipalPermission" is a good approch.
What If, I need to allow DeleteSomthing() for another role?
similarly, If I need to remove existing role for DeleteSomthing()?
The only way is changing the attributes at code level. This is not at all feasible for big projects.
I am also looking for a nice solution.

ASP.NET: Managing Users and Roles (CMS, Portal, etc?)

I am not sure how to phrase a good question, so I will just say what I am after!
I have to retool a web application for our vendors and part of that requires restricting content on a vendor by vendor basis. Looking at ASP.NET (MVC) this seems easy enough using the built in Authorization Filters and the IPrincipal and IIdentity interfaces (I haven't used them yet, just reading, so I may be using these terms incorrectly!).
What I'm not interested in doing is writing all the code for managing users and roles. I would love to be able to assume all of this is done for me by a third party application, and my code simply specifies roles required.
Now, I'm not exactly sure the product I am after, or if it even exists. Is this a CMS? Right now our vendor site uses a very old version of DNN. Some of our existing custom code is written as a module within DNN. I am not interesting in this type of solution at all. I want to be able to build a standard ASP.NET webapp and not be tied to a certain vendor 'module' definition. It seems like this should be possible if the CMS / Portal implement custom providers behind the ASP.NET provided API's, yah?
The primary (only) customer here is developers, if that makes sense.
Notes:
I really don't need a full blown CMS, which is why I'm confused on what type of product to search for. Some CMS functionality might be nice, but the site is only for very specific vendor interaction that is going to be 95% custom.
I see that ASP.NET provies a website administration tool, and that is cool, but doesn't solve the public facing aspects of user interaction.
ASP.NET provides extensive membership and role management APIs that are pretty easy to work with since version 2.0. They are available in ASP.NET MVC. Probably they do not require much more work than you would do anyway for styling or other stuff. But since you don't want to do it anyway, you can use a simple Web form with a Login control in your MVC app and make routing ignore that path with:
routes.IgnoreRoute("SignIn.aspx");
Just drag a login control to SignIn.aspx as you would in any Web form app.

Resources