开发者

bare bones MembershipProvider in sitecore

开发者 https://www.devze.com 2023-03-29 20:58 出处:网络
I\'m trying to implement a really really simple MembershipProvider for sitecore, but i\'m not sure if it\'s too simple to actually work. Basically we already have a custom store for user data so i kno

I'm trying to implement a really really simple MembershipProvider for sitecore, but i'm not sure if it's too simple to actually work. Basically we already have a custom store for user data so i know that a customer MembershipProvider is the way to go. However my app will not log anyone in, a different part of the system is responsible for that. Also, it doesn't care who exactly is logged in, just whether they are or aren't (the who part is irrelevant in the content area of my site).

So what is the best way to go about this? I am passed a token in the HTTP header which allows me to identify whether someone is logged in or not (i could even use this to actually find out who the customer is if i so wished) - don't worry it's encrypted.

I've read through the sitecore docs b开发者_如何学编程ut they all deal with full implementations of MembershipProviders.

So is it possible to actually have a membership provider that does only this i.e. returns either a user to signify being logged or an "anonymous" user for those who are logged out? it need not be concerned with anything else - password reset, look up users by email and all that jazz.

Thanks, Nick

EDIT: with the help of Jens below i have eschewed a full-blown MembershipProvider in favour of a more lightweight approach.

this is what i have so far, the problem being that users are not kept logged in over multiple requests.

public class TokenLogin : HttpRequestProcessor
{


    #region Overrides of HttpRequestProcessor

    /// <summary>
    /// Processes the specified args.
    /// </summary>
    /// <param name="args">The args.</param>
    public override void Process(HttpRequestArgs args)
    {
        var customer = SomeCodeToParseAndValidateToken();

        //customer is null if token is invalid or missing
        if(customer == null || Sitecore.Context.User.IsAuthenticated) return;

        CreateVirtualUser(customer);
    }

    private static void CreateVirtualUser(CustomerAccount customer)
    {
        string userName = "extranet\\" + customer.CustomerAccountId;

        User userItem = AuthenticationManager.BuildVirtualUser(userName, true);   
        userItem.Profile.Initialize(userName, true);    
        userItem.Profile.Save();

        AuthenticationManager.Login(userItem.Name);
    }

    #endregion
}


Implementing a membershipprovider is a lot of work for what you seem to need. If I were you I would implement a scenario, where you create a virtual user everytime someone needs to be logged in. So the logic would be to check if a user has your token, then create a virtual user, log the virtual user in and you should be good to go.

Here is a guide on the virual user thingie: http://sdn.sitecore.net/Articles/Security/Faking%20user%20roles/Virtual%20user.aspx

EDIT: The code in the link is depricated. Here is how you add virtual users:

   userName = "extranet\\"+userName    
   User userItem = AuthenticationManager.BuildVirtualUser(userName, true);   
   userItem.Profile.Initialize(userName, true);    
   userItem.Profile.Email = userName + "@yourdomain.com";   
   userItem.Profile.Save();

   AuthenticationManager.Login(userItem.Name)

EDIT 2: I have the following code:

    public class TestVirtualUserProcessor : HttpRequestProcessor
    {


      public override void Process(HttpRequestArgs args)
      {
        HttpContext.Current.Response.Write(Sitecore.Context.User.Name + "<br/>");
        HttpContext.Current.Response.Write(Sitecore.Context.User.IsAuthenticated + "<br/>");

        CreateVirtualUser("jenneren");

        HttpContext.Current.Response.Write(Sitecore.Context.User.Name + "<br/>");
        HttpContext.Current.Response.Write(Sitecore.Context.User.IsAuthenticated + "<br/>");
        }

      private static void CreateVirtualUser(string name)
      {
        string userName = "extranet\\" + name;

        User userItem = AuthenticationManager.BuildVirtualUser(userName, true);
        userItem.Profile.Initialize(userName, true);
        userItem.Profile.Save();

        AuthenticationManager.Login(userItem.Name);
      }


    }

This outputs the following the first time I hit the frontend:

extranet\Anonymous False extranet\jenneren True

And the second time I hit the frontend I get:

extranet\jenneren True extranet\jenneren True

So it should work. Cheers Jens

0

精彩评论

暂无评论...
验证码 换一张
取 消