Pergunta
I need some advice ...
I have an application written in asp.net 1.1 that uses forms authentication. It uses forms authentication and all users are stored in database. In this authentication method, the email address of the user is very important since it is used to activate the account, and retrieve forgotten passwords.
This application will be rewritten from scratch, and i want to use OWIN for authentication via external parties, but i still want to have my own memberlist that can be managed locally. I also still want to use the email address for account activation and recovery of lost passwords.
The first thing that stumped me in the new web project layout in VS2013, is that when you choose to register locally, no email address is required. So if you leave everything as is and a registered user forgets his password, his account is unrecoverable.
So, what i want to do now is extend/modify the default OWIN project template to include the old method of working with local accounts: i want to add the email address of the user as a required field (along with some other fields specific to my application), and provide the functionality for account activation and password recovery.
I would also like to keep the fields that are specific to my application away from the AspNet tables: who knows what framework we'll be using in another 10 years?
What is the best way to go forward? Start adding fields to the AspNet tables and write the added functionality, or is there a better way that does not require me to touch the internals of a framework that is not under my control?
Solução
Wait for the next version of ASP.NET Identity -- right now (as you discovered) they don't have this feature. If you can't wait, then you can consider a different library for managing your identities, such as this one:
https://github.com/brockallen/BrockAllen.MembershipReboot/
Or, you just stick with the identity management library you're using. If the other libraries don't have useful features (and especially if they are missing needed features) then there might be no reason to change.
Outras dicas
This kinda answered my question:
Look at this post. It shows how to use the base OWIN classes for auth/cookie management, but hook up an independent Membership framework (Brock Allen's or your own). This way you can also add on third party authentication schemes (Google, FB) through the OWIN pipeline as needed.
https://stackoverflow.com/questions/21383028
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
Russian