使用混合身份验证与Asp.Net MVC（表格，FB连接，叽叽喳喳，OpenID的） [英] Use mixed authentication with Asp.Net MVC (Forms, FB connect, twitter, openId)

问题描述

我正在制作新的网站，我希望用户能够使用多种方式登录，基本上是用户应该能够在我的网站上创建一个新用户或使用Facebook Connect或使用Twitter的帐号登录进入该网站。

I'm creating a new site and I want the users to be able to use several ways to sign in, basically the users should be able to create a new user on my site OR use Facebook connect OR use Twitter's account to log into the site.

我已经看到了使用这些方法之一几个教程，我想知道什么是你认为什么是做到这一点的最佳方法？

I have seen several tutorials on using one of these methods, what I want to know is what do you think is the best approach to do this?

到目前为止，我认为最好的方法是创建一个自定义身份验证模式（类似亚型现有的授权类）。

So far I think the best way would be to create a custom Authentication model (something like subtyping the existing authorization classes).

这是最好的方法？
你能指出我的人一个很好的例子试图类似的东西？

Is this the best approach? Can you point me to a good example of someone trying something similar?

非常感谢

推荐答案

我的博客上讲述最近类似的东西......这是我采取的方法

I blogged about something similar recently...Here's the approach I took

public class User {
    public int UserID { get; set; }
    public string Name { get; set; }
    public string Page { get; set; }

    public virtual Authentication Authentication { get; set; }
}

public class Authentication {
    public int Id { get; set; }
    public string LoginId { get; set; }
    public string Provider { get; set; }
    public string Password { get; set; }

    public virtual User User { get; set; }
}

//login methods
User StandardUserLogin(string username) {
    IDataContext db = new DataContext();
    var user = db.Users.SingleOrDefault(u => u.Authentication.LoginId == username);
    if (user != null) {
        if (user.Authentication.Password == password) {
            SetAuthenticationTicket(user);
            return user;
        }
    }
}

我会根据他们的授权方案是如何工作创建为每种类型的登录不同的登录方式。

I would create a different login method for each type of login depending on how their authorization schemes work.

User OpenIdUserLogin(string username) {
    IDataContext db = new DataContext();
    var user = db.Users.SingleOrDefault(u => u.Authentication.LoginId == username && u.Authentication.Provider == "openid");
    if (user == null) {
        //create new openid user
    }

    if (user.Authentication.LoginId == id) {
        SetAuthenticationTicket(user);
        return user;
        }
}

//openid's authentication method
[ValidateInput(false)]
public ActionResult Authenticate(string returnUrl) {
    IAuthenticationResponse response = OpenId.GetResponse();

    if (response == null) {
        //make openid request here
    } else {
        var user = OpenIdUserLogin(response.ClaimedIdentifier);
    }
}

顺便说一句，这两个班在顶部再present我的实体框架波苏斯
这里的关键是验证表是从用户表是分开的。它允许一个用户在签署的多种方法。希望这可以帮助你得到你的轨道上。

Btw, the two classes at the top represent my Entity Framework POCOs The key here is the Authentication Table which is separate from the user table. It allows one user to have multiple methods of signing in. Hope this helps you get you on track.

这篇关于使用混合身份验证与Asp.Net MVC（表格，FB连接，叽叽喳喳，OpenID的）的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！