Introduction
In a previous article entitled SimpleMembershipProvider vs MembershipProvider I described the limitations in using SimpleMembershipProvider as a MembershipProvider. This is a followup article which provides my own solution to this problem.
The BetterMembership.Net library bridges the gap between the ExtendedMembershipProvider interface which is used with the WebSecurity API via SimpleMembershipProvider (see ASP.NET MVC4 Web Application - Internet template), and the older MembershipProvider interface (see ASP.NET Web Forms template).
By using the BetterMembership.Net library you can take advantage of the newer features of ExtendedMembershipProvider, but still use pre-existing user management tools for out-of-box user administration (including ASP.NET Web Site Administration Tool). This is not possible when using the vanilla SimpleMembershipProvider implementation of ExtendedMembershipProvider.
Features
- Supports SQL Server, SQL Compact and SQL Azure
- Compatible with EntityFramework and code-first
- Uses a clean database schema
- Works with existing user tables
- Plugs into existing user administration tools (including WSAT)
- Supports initialization of multiple provider instances
- Supports external authentication providers
- Provides customizable validation of username/email/password
How It Works
The library overcomes limitations of the WebSecurity implementation, and allows multiple provider instances to be configured and used at runtime. This is useful for complex applications that involve multiple authentication schemes for partitioning users, such as in Sitecore for example.
The achieve this, the library uses a bit of reflection to swap out the default provider at runtime during a call to WebSecurity.InitializeDatabaseConnection. This overcomes the limitations hardwired into the WebSecurity implementation, and enables multiple provider instances to be initialized (rather than only the default instance). Of course these can't then be used with WebSecurity API directly, but can be used effectively with dependency injection.
The call to WebSecurity.InitializeDatabaseConnection now actually happens inside the provider's own Initialize method to make the provider entirely self-contained and backwards compatible. This feature can be disabled for use with code-first, but it does enable users to be administrated via the Visual Studio WSAT tool or by other provider based interfaces.
Under the hood the library extends SimpleMembershipProvider and implements many of the unsupported methods. To facilitate this it introduces a new userEmailColumn property on the provider, and uses this to map the user defined email column to the email property of the MembershipUser instance returned by the older APIs. Likewise other properties are mapped to the new schema, and default values returned for any unsupported members.
Extended Implementation
The following methods missing from SimpleMembershipProvider are implemented by BetterMembershipProvider.
- CreateUser
- GetUser+
- GetUserNameByEmail
- FindUserByUserName
- FindUserByEmail
- GetAllUsers
- FindUsersByName
- FindUsersByEmail
- UnlockUser
- ResetPassword
+ The userIsOnline flag is ignored, but may be implemented in the future.
Installation
Install the library using Nuget.
PM> Install-Package BetterMembership.Net
Documentation & Source
