Facebook和asp.net会员积分 [英] Integration of Facebook and asp.net membership

问题描述

我想允许用户注册使用Facebook的我的网站。我已经使用在客户端进行身份验证和授权，并在服务器端的C＃SDK的JS SDK来得到我所需要完成的用户配置文件中的信息。 我的问题是，我为了让用户登录他的Facebook帐户，我需要在我的会员提供者创建一个用户名和密码了。 我已经决定，我将使用Facebook的电子邮件作为用户名，但我能做些什么密码？我怎么可以在以后对其进行识别？

I want to allow users to sign up to my website using Facebook. I already use the JS SDK on the client side for authentication and authorization and the C# sdk on the server side to get all the information I need to complete the user profile. My issue is that I order to allow the user to login with his facebook account, I need to create a username and password for him in my membership provider. I already decided I'll use the Facebook email as the username, but what can I do about the password? How can I later authenticate him?

感谢您！

编辑：什么我其实问的是：一旦用户通过Facebook认证的第一次，我有他所有的信息，我怎么会去马平的信息，以会员的用户（以用户名和密码），以及如何而言​​，我会回来去登录电子他（送他一件memebrship的Cookie在响应），下一次他要登录他已经创建的用户。我知道我需要通过Facebook每次来验证，但我考虑到我是如何处理asp.net成员方，而不是事物的Facebook的一面。很抱歉，如果我是不清楚的：）

What I am actually asking is: Once the user authenticates via Facebook for the first time and I have all his info, how would I go about maping that info to a membership user (in terms of username and password) and how would I go about loging him back in (sending him a memebrship cookie in the response) the next time he wants to login with his already created user. I know I need to authenticate via facebook each time, but I'm considering how I deal with the asp.net membership side, not the Facebook side of things. Sorry if I was unclear before :)

推荐答案

Facebook的使用的OAuth 2.0 。你可以验证用户身份的唯一方式是通过发送用户对Facebook的登录页面，并重定向回用他们的OAuth的实现。这essentually为您提供了有限的用户特定的时间 access_token 。

Facebook uses OAuth 2.0. The only way you can authenticate a user is by sending the user to a Facebook login page, and redirecting back using their OAuth implementation. This essentually provides you with a user specific time limited access_token.

这是不是真的很适合MembershipProviders，虽然可以要求 offline_access权限，让您在任何时候代表用户进行授权的请求。用户必须同意这一点。 Facebook的T＆放大器; Cs的是，你不能否认不同意扩展权限的用户访问你的网站，所以这又打破了模型

It isn't really a good fit for MembershipProviders, although it is possible to request offline_access permission which allows you perform authorized requests on behalf of the user at any time. The user has to agree to this. Facebook T&Cs are that you can't deny the user access to your site for not agreeing to extended permissions, so this again breaks the model.

我并不是说这是不可能的，它只是似乎并不值得。你只想使用窗体身份验证部分没有会员会更好。设置身份验证cookie的＆放大器;基于Facebook的验证身份验证cookie的 access_token 。

I'm not saying it's not possible, it just doesn't seem worth the effort. You would be better off just using the forms authentication parts without membership. Setting up auth cookie & validating auth cookie based on facebook access_token.

有关与Facebook的身份验证一下开源.NET的OAuth库。我也写了Facebook的整合一篇文章，列出了一些集成技术（和意见）的这里。

For authentication with Facebook look at open source .NET OAuth libraries. I also wrote an article of Facebook integration which shows some integration techniques (and opinions) here.

更新根据您修正问题：

使用窗体身份验证cookie来存储您选择（Facebook的用户名为例）的唯一标识符。您还可以将当前的 access_token 在cookie中。

Use Forms authentication cookie to store the unique identifier of your choosing (Facebook username for instance). You can also store the current access_token in the cookie.

if (OAuth.ValidateUser(username, user_access_token))
{  
  // store the user access token to make it available on each request
  string userData = user_access_token;

  FormsAuthenticationTicket ticket = new FormsAuthenticationTicket(
    1,                                     // ticket version
    username,                              // authenticated username
    DateTime.Now,                          // issueDate
    DateTime.Now.AddMinutes(30),           // expiryDate
    isPersistent,                          // true to persist across browser sessions
    userData,                              // can be used to store additional user data
    FormsAuthentication.FormsCookiePath);  // the path for the cookie

  // Encrypt the ticket using the machine key
  string encryptedTicket = FormsAuthentication.Encrypt(ticket);

  // Add the cookie to the request to save it
  Response.Cookies.Add(new HttpCookie(FormsAuthentication.FormsCookieName, encryptedTicket));

  // Your redirect logic
  Response.Redirect(FormsAuthentication.GetRedirectUrl(username, isPersistent));
}

然后重写认证请求读取cookie并且得到用户的详细信息。

Then override authenticate request to read the cookie and retrieve the user details.

protected void Application_AuthenticateRequest(Object sender, EventArgs e)
{
    HttpCookie authCookie = Request.Cookie[FormsAuthentication.FormsCookieName];
    if(authCookie != null)
    {
        //Extract the forms authentication cookie
        FormsAuthenticationTicket authTicket = FormsAuthentication.Decrypt(authCookie.Value);

        // If caching roles in userData field then extract
        string user_access_token = authTicket.UserData;

        // Create the IIdentity instance, maybe use a custom one
        // possibly retrieve extra data from database or whatever here
        IIdentity id = new FacebookIdentity( authTicket, user_access_token );

        // Create the IPrinciple instance
        IPrincipal principal = new GenericPrincipal(id, new string[]{});

        // Set the context user 
        Context.User = principal;
    }
}

然后在每个请求的code：

Then in your code on each request:

var username = Context.User.Identity.Username;
// implement as an extension method on IIdentity which types to
// FacebookIdentity to get user_access_token
var user_access_token = Context.User.Identity.Access_Token;

这篇关于Facebook和asp.net会员积分的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！