Custom ASP.Net Membership and the Login control

Question

I am creating a custom membership provider for a web app that already has it's users stored in an existing database table. I used some code from a tutorial to help jump start my provider but I am a bit lost on how i can interact with the actual log in process.

My custom provider has an override method for ValidateUser() and at the moment I am just returning true there. But I want to create a current user object to store in session scope. This object will just store some specifics about the user.

I guess another option would be to use the ASP.Net profile provider but again I am not clear on where to hook into log in process to run some code that would either create this user object or populate the profile information for the current user.

Answer 1

使用“关注点分离”的原理，您的成员资格提供者不应在Session中存储任何用户信息。

Answer 2

As John said, don't make your provider code store the user information in Session. Instead, you can use a Login control ( here you have some more details about it), it will be using your provider if everything is correctly configured, and if the login is successful (in your case it will be because you're returning true) you can get the user in the OnLoggedIn event handler, by calling the GetUser method of the provider, and store the MembershipUser returned in Session.

Your code could look something similar to this:

protected void LoginCtrl_LoggedIn(object sender, EventArgs e)
{
    var user = Membership.GetUser(LoginCtrl.UserName, true);
    Session["CurrentUser"] = user;
}