Facebook和asp.net会员积分 [英] Integration of Facebook and asp.net membership
问题描述
我想允许用户注册使用Facebook的我的网站。我已经使用在客户端进行身份验证和授权,并在服务器端的C#SDK的JS SDK来得到我所需要完成的用户配置文件中的信息。 我的问题是,我为了让用户登录他的Facebook帐户,我需要在我的会员提供者创建一个用户名和密码了。 我已经决定,我将使用Facebook的电子邮件作为用户名,但我能做些什么密码?我怎么可以在以后对其进行识别?
I want to allow users to sign up to my website using Facebook. I already use the JS SDK on the client side for authentication and authorization and the C# sdk on the server side to get all the information I need to complete the user profile. My issue is that I order to allow the user to login with his facebook account, I need to create a username and password for him in my membership provider. I already decided I'll use the Facebook email as the username, but what can I do about the password? How can I later authenticate him?
感谢您!
编辑:什么我其实问的是:一旦用户通过Facebook认证的第一次,我有他所有的信息,我怎么会去马平的信息,以会员的用户(以用户名和密码),以及如何而言,我会回来去登录电子他(送他一件memebrship的Cookie在响应),下一次他要登录他已经创建的用户。我知道我需要通过Facebook每次来验证,但我考虑到我是如何处理asp.net成员方,而不是事物的Facebook的一面。很抱歉,如果我是不清楚的:)
What I am actually asking is: Once the user authenticates via Facebook for the first time and I have all his info, how would I go about maping that info to a membership user (in terms of username and password) and how would I go about loging him back in (sending him a memebrship cookie in the response) the next time he wants to login with his already created user. I know I need to authenticate via facebook each time, but I'm considering how I deal with the asp.net membership side, not the Facebook side of things. Sorry if I was unclear before :)
推荐答案
Facebook的使用的OAuth 2.0 。你可以验证用户身份的唯一方式是通过发送用户对Facebook的登录页面,并重定向回用他们的OAuth的实现。这essentually为您提供了有限的用户特定的时间 access_token
。
Facebook uses OAuth 2.0. The only way you can authenticate a user is by sending the user to a Facebook login page, and redirecting back using their OAuth implementation. This essentually provides you with a user specific time limited access_token
.
这是不是真的很适合MembershipProviders,虽然可以要求 offline_access权限,让您在任何时候代表用户进行授权的请求。用户必须同意这一点。 Facebook的T&放大器; Cs的是,你不能否认不同意扩展权限的用户访问你的网站,所以这又打破了模型
It isn't really a good fit for MembershipProviders, although it is possible to request offline_access permission which allows you perform authorized requests on behalf of the user at any time. The user has to agree to this. Facebook T&Cs are that you can't deny the user access to your site for not agreeing to extended permissions, so this again breaks the model.
我并不是说这是不可能的,它只是似乎并不值得。你只想使用窗体身份验证部分没有会员会更好。设置身份验证cookie的&放大器;基于Facebook的验证身份验证cookie的 access_token
。
I'm not saying it's not possible, it just doesn't seem worth the effort. You would be better off just using the forms authentication parts without membership. Setting up auth cookie & validating auth cookie based on facebook access_token
.
有关与Facebook的身份验证一下开源.NET的OAuth库。我也写了Facebook的整合一篇文章,列出了一些集成技术(和意见)的这里。
For authentication with Facebook look at open source .NET OAuth libraries. I also wrote an article of Facebook integration which shows some integration techniques (and opinions) here.
更新根据您修正问题:
使用窗体身份验证cookie来存储您选择(Facebook的用户名为例)的唯一标识符。您还可以将当前的 access_token
在cookie中。
Use Forms authentication cookie to store the unique identifier of your choosing (Facebook username for instance). You can also store the current access_token
in the cookie.
if (OAuth.ValidateUser(username, user_access_token))
{
// store the user access token to make it available on each request
string userData = user_access_token;
FormsAuthenticationTicket ticket = new FormsAuthenticationTicket(
1, // ticket version
username, // authenticated username
DateTime.Now, // issueDate
DateTime.Now.AddMinutes(30), // expiryDate
isPersistent, // true to persist across browser sessions
userData, // can be used to store additional user data
FormsAuthentication.FormsCookiePath); // the path for the cookie
// Encrypt the ticket using the machine key
string encryptedTicket = FormsAuthentication.Encrypt(ticket);
// Add the cookie to the request to save it
Response.Cookies.Add(new HttpCookie(FormsAuthentication.FormsCookieName, encryptedTicket));
// Your redirect logic
Response.Redirect(FormsAuthentication.GetRedirectUrl(username, isPersistent));
}
然后重写认证请求读取cookie并且得到用户的详细信息。
Then override authenticate request to read the cookie and retrieve the user details.
protected void Application_AuthenticateRequest(Object sender, EventArgs e)
{
HttpCookie authCookie = Request.Cookie[FormsAuthentication.FormsCookieName];
if(authCookie != null)
{
//Extract the forms authentication cookie
FormsAuthenticationTicket authTicket = FormsAuthentication.Decrypt(authCookie.Value);
// If caching roles in userData field then extract
string user_access_token = authTicket.UserData;
// Create the IIdentity instance, maybe use a custom one
// possibly retrieve extra data from database or whatever here
IIdentity id = new FacebookIdentity( authTicket, user_access_token );
// Create the IPrinciple instance
IPrincipal principal = new GenericPrincipal(id, new string[]{});
// Set the context user
Context.User = principal;
}
}
然后在每个请求的code:
Then in your code on each request:
var username = Context.User.Identity.Username;
// implement as an extension method on IIdentity which types to
// FacebookIdentity to get user_access_token
var user_access_token = Context.User.Identity.Access_Token;
这篇关于Facebook和asp.net会员积分的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!