Sitecore中的裸骨MembershipProvider [英] bare bones MembershipProvider in sitecore

问题描述

我正在尝试为sitecore实现一个非常简单的MembershipProvider，但是我不确定它是否真的很简单.基本上，我们已经有一个用于用户数据的自定义存储，所以我知道客户MembershipProvider是必经之路.但是，我的应用程序不会登录任何人，这由系统的不同部分负责.此外，它也不在乎究竟是谁登录了，只是在乎是否登录(谁的部分与我网站的内容区域无关).

I'm trying to implement a really really simple MembershipProvider for sitecore, but i'm not sure if it's too simple to actually work. Basically we already have a custom store for user data so i know that a customer MembershipProvider is the way to go. However my app will not log anyone in, a different part of the system is responsible for that. Also, it doesn't care who exactly is logged in, just whether they are or aren't (the who part is irrelevant in the content area of my site).

那么最好的方法是什么?我在HTTP标头中传递了一个令牌，该令牌使我可以识别是否有人登录(如果我愿意的话，我甚至可以使用它来真正找到谁是客户)-不用担心它是加密的.

So what is the best way to go about this? I am passed a token in the HTTP header which allows me to identify whether someone is logged in or not (i could even use this to actually find out who the customer is if i so wished) - don't worry it's encrypted.

我已经阅读了sitecore文档，但是它们都处理了MembershipProvider的完整实现.

I've read through the sitecore docs but they all deal with full implementations of MembershipProviders.

那么实际上有可能只有一个成员资格提供程序来执行此操作，即返回一个用户来表示已登录，或者返回一个匿名"用户来注销这些用户吗?它不需要担心其他任何事情-重置密码，通过电子邮件和所有爵士乐查找用户.

So is it possible to actually have a membership provider that does only this i.e. returns either a user to signify being logged or an "anonymous" user for those who are logged out? it need not be concerned with anything else - password reset, look up users by email and all that jazz.

谢谢， 尼克

在下面的詹斯(Jens)的帮助下，我避开了成熟的MembershipProvider，而采用了一种更轻量级的方法.

with the help of Jens below i have eschewed a full-blown MembershipProvider in favour of a more lightweight approach.

这是我到目前为止所拥有的，问题是用户无法保持在多个请求上的登录状态.

this is what i have so far, the problem being that users are not kept logged in over multiple requests.

public class TokenLogin : HttpRequestProcessor
{


    #region Overrides of HttpRequestProcessor

    /// <summary>
    /// Processes the specified args.
    /// </summary>
    /// <param name="args">The args.</param>
    public override void Process(HttpRequestArgs args)
    {
        var customer = SomeCodeToParseAndValidateToken();

        //customer is null if token is invalid or missing
        if(customer == null || Sitecore.Context.User.IsAuthenticated) return;

        CreateVirtualUser(customer);
    }

    private static void CreateVirtualUser(CustomerAccount customer)
    {
        string userName = "extranet\\" + customer.CustomerAccountId;

        User userItem = AuthenticationManager.BuildVirtualUser(userName, true);   
        userItem.Profile.Initialize(userName, true);    
        userItem.Profile.Save();

        AuthenticationManager.Login(userItem.Name);
    }

    #endregion
}

推荐答案

实施Membershipprovider对于您似乎需要的工作很多.如果您是我，那么我将实现一个方案，在该方案下，每次有人需要登录时都创建一个虚拟用户. 因此，逻辑将是检查用户是否拥有您的令牌，然后创建一个虚拟用户，然后将该虚拟用户登录，然后您就可以使用了.

Implementing a membershipprovider is a lot of work for what you seem to need. If I were you I would implement a scenario, where you create a virtual user everytime someone needs to be logged in. So the logic would be to check if a user has your token, then create a virtual user, log the virtual user in and you should be good to go.

以下是有关虚拟用户thingie的指南: http://sdn .sitecore.net/Articles/Security/Faking％20user％20roles/Virtual％20user.aspx

Here is a guide on the virual user thingie: http://sdn.sitecore.net/Articles/Security/Faking%20user%20roles/Virtual%20user.aspx

链接中的代码已描述.添加虚拟用户的方法如下:

The code in the link is depricated. Here is how you add virtual users:

   userName = "extranet\\"+userName    
   User userItem = AuthenticationManager.BuildVirtualUser(userName, true);   
   userItem.Profile.Initialize(userName, true);    
   userItem.Profile.Email = userName + "@yourdomain.com";   
   userItem.Profile.Save();

   AuthenticationManager.Login(userItem.Name)

我有以下代码:

    public class TestVirtualUserProcessor : HttpRequestProcessor
    {


      public override void Process(HttpRequestArgs args)
      {
        HttpContext.Current.Response.Write(Sitecore.Context.User.Name + "<br/>");
        HttpContext.Current.Response.Write(Sitecore.Context.User.IsAuthenticated + "<br/>");

        CreateVirtualUser("jenneren");

        HttpContext.Current.Response.Write(Sitecore.Context.User.Name + "<br/>");
        HttpContext.Current.Response.Write(Sitecore.Context.User.IsAuthenticated + "<br/>");
        }

      private static void CreateVirtualUser(string name)
      {
        string userName = "extranet\\" + name;

        User userItem = AuthenticationManager.BuildVirtualUser(userName, true);
        userItem.Profile.Initialize(userName, true);
        userItem.Profile.Save();

        AuthenticationManager.Login(userItem.Name);
      }


    }

这是我第一次访问前端时输出的以下内容:

This outputs the following the first time I hit the frontend:

外部网络\匿名 错误的 外联网\ jenneren 是

extranet\Anonymous False extranet\jenneren True

第二次我到达前端时，我得到了:

And the second time I hit the frontend I get:

外部网络\ jenneren 真的 外联网\ jenneren 是

extranet\jenneren True extranet\jenneren True

因此它应该可以工作. 干杯 詹斯

So it should work. Cheers Jens

这篇关于Sitecore中的裸骨MembershipProvider的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！