Simplified approach to implementing Forms Authentication in MVC 4 Web-apps in VS 2012
(This is the 1st of a 3-article series, on using SimpleMembership along with customized fields)
Article 1: This article
Feature highlights
- Schema gets built directly - no more aspnet_regsql.exe (or aspnet_regsqlazure) needed;
- Much simplified as compared to the earlier membership provider;
- Usable both for SQL Azure as well as on-premises databases;
- Supports OAuth/OpenID, to authenticate users through Facebook, Google etc.
- Easy customization: Adding custom fields to your MVC 4 Registration System
The most interesting details of SimpleMembership
Visual Studio 2012, launched August 15th, uses the new (and very appropriately named) SimpleMembership as its default forms-authentication membership provider for MVC 4 Web Applications, replacing the ASP.NET Membership Provider that all of us have been using for many years. This is a very welcome change. Some of the most interesting changes that we see immediately in this are:- Highly simplified database schema - has just 5 tables, no Views, and no stored procedures.
- Does not use the aspnet_regsql.exe command line tool to generate the schema. Rather, the tables are generated automatically the first time you add a user into the system (through your application). The database used is whatever you set in the connection string in your web.config file.
- The same approach can be used to create the Membership system in Windows Azure, simply by giving the correct connection string in web.config. Since there are no stored procedures and Views to worry about, the system is just a set of tables that is easily synchronizable between your SQL Azure database and your on-premises database.
- Another plus for Azure users: now you don't have to worry about the aspnet_regsqlazure tool any more, because the tables are generated by the new system itself.
- The UserId is now an int column, not a Guid that was used in the previous ASP.NET Membership system. This simplifies the system even more, and reduces space requirement a bit. Please note, however, that you may have to pay attention to this if you need to merge data from 2 separate implementations of the SimpleMembership provider, else there may be key duplication conflicts.
- Supports user authentication through their Facebook, Google, Microsoft Live, Twitter etc accounts, by simple changes in the AuthConfig.cs file in your project (for details, please visit: OAuth/OpenID Support for WebForms, MVC and WebPages).
A quick VS 2012 web project to check out SimpleMembership
2. On the next screen, select Internet Application, and create your new project.
3. Once the new project is created, it's a good idea to update all your NuGet packages - do this by clicking on Tools \ Library Package Manager \ Manage NuGet Packages for Solution, and then selecting Updates > All. Update each of them one by one by clicking on the Update button. (Note - all the DotNetOpenAuth packages will get updated when you simply update the first one.)
4. In the new project's web.config file, change the connection string for DefaultConnection reflect your server, database and relevant db user info. If you specify the "sa" user, even the database itself can be created by your app, however this obviously does not represent best practices.
5. Now press F5 or Ctrl-F5 to run the app, and click the Register button - specify a new user id and password and voila! Your new database schema gets created, along with a data row for the new user! And do notice that it's very lightweight - no SPs and no Views.
6. Select data rows from the tables, and you'll see the new user has been created there.
Happy coding!