My client has requested that we allow users to create multiple user accounts with the same email address, the difference between then would be the role their assigned during registration (Role 1 or Role 2)
I've changed the registration code to assign them to the selected role ok.
I've changed the login method to detect the role and find the correct member from the database but:
The issue begins if the user has used the same username (Email address) and password for both Roles.
When setting the FormsAuthentication.SetCookie(username, true), and then redirecting to the profile page, I use this code to lookup the current member:
public static CustomMember GetCurrentCustomMember(this MembershipHelper helper)
{
if (!helper.IsLoggedIn())
{
return null;
}
var umbracoHelper = new UmbracoHelper(UmbracoContext.Current);
var member = umbracoHelper.TypedMember(helper.GetCurrentMember().Id);
return GetInternalCustomMember(member);
}
It appears the internal Umbraco code is looking up the Current Logged In Member, but by username only and only finding the first member that matches the username (email address).
Do I need to change the way the SetCookie is created, passing in the Role perhaps ?
Is there a better way of using helper.GetCurrentMember() ?
I've read this through a few times now, and am trying to make sense of it...
I don't fully get why a user would need two different accounts with the same username / email and password combination - in order to be 'two different roles' How would any system infer 'which role' they intended to be from their username and password combination if the insistence is they could be the same :-)
How about one username and password for the person logging in, and then after logging in, you check how many roles they are currently in, and if they are in multiple roles, why not show a screen that says
"Hey you've logged in, but you have two roles - which role do you want to be today ?" and have a couple of links for each role that when the user clicks, set's them as that role on the current login session.
or could the system not respond to the user being in both roles ? eg if a role is an Admin, and another is some kind of user, could the system show the options for those two roles at the same time ? - eg are the roles actually mutually exclusive ?
Yeah, when we first designed the system, you either were a 'Freelancer' or a 'Buyer', but the client has now added the requirement that a user can be both roles.
I've changed the login form so you have to pick which role your trying to login as. This saves the selected Role as a cookie.
This works fine until you hit anything to do with the Umbraco MembershipHelper, the methods in there i.e GetCurrentMember only return the first member it finds with the email address.
I think there's a bigger fundamental roadblock, in that the Umbraco backend does not allow you to save any member that has a duplicate username / email address.
Yeah, I don't see why you can't have one login, and if someone is a freelancer and a buyer, they have the options to do both tasks from the single login.
You can get around duplicate emails, by storing the email as a guid + email for the member, and creating a custom property on the Member Type for the real email address.
How about when you create a user, their username gets stored in Umbraco as usernamebuyer or usernamefreelancer.
Your login form has
Username:
Password:
freelance or buyer
The user types in their normal username, and selects 'buyer' before attempting to login you add "buyer" to their username, and try to authenticate them, if they select freelancer you append "freelancer" - get current member should only return the one user, depending on the type they have logged in as ?
Membership - Non unique username
My client has requested that we allow users to create multiple user accounts with the same email address, the difference between then would be the role their assigned during registration (Role 1 or Role 2)
I've changed the registration code to assign them to the selected role ok.
I've changed the login method to detect the role and find the correct member from the database but:
When setting the FormsAuthentication.SetCookie(username, true), and then redirecting to the profile page, I use this code to lookup the current member:
public static CustomMember GetCurrentCustomMember(this MembershipHelper helper) { if (!helper.IsLoggedIn()) { return null; }
It appears the internal Umbraco code is looking up the Current Logged In Member, but by username only and only finding the first member that matches the username (email address).
Do I need to change the way the SetCookie is created, passing in the Role perhaps ?
Is there a better way of using helper.GetCurrentMember() ?
Hey Ian
I've read this through a few times now, and am trying to make sense of it...
I don't fully get why a user would need two different accounts with the same username / email and password combination - in order to be 'two different roles' How would any system infer 'which role' they intended to be from their username and password combination if the insistence is they could be the same :-)
How about one username and password for the person logging in, and then after logging in, you check how many roles they are currently in, and if they are in multiple roles, why not show a screen that says
"Hey you've logged in, but you have two roles - which role do you want to be today ?" and have a couple of links for each role that when the user clicks, set's them as that role on the current login session.
or could the system not respond to the user being in both roles ? eg if a role is an Admin, and another is some kind of user, could the system show the options for those two roles at the same time ? - eg are the roles actually mutually exclusive ?
Hi Marc,
Yeah, when we first designed the system, you either were a 'Freelancer' or a 'Buyer', but the client has now added the requirement that a user can be both roles.
I've changed the login form so you have to pick which role your trying to login as. This saves the selected Role as a cookie.
This works fine until you hit anything to do with the Umbraco MembershipHelper, the methods in there i.e GetCurrentMember only return the first member it finds with the email address.
Hi Ian,
Getting the correct current member given multiple members with the same email could be tricky.
You could get the current username/email and then use the Member Service to filter by the group.
So maybe something like this could work for you?
Although this may not be so great if you have a ton of members.
/B.
I think there's a bigger fundamental roadblock, in that the Umbraco backend does not allow you to save any member that has a duplicate username / email address.
I don't think this is going to work.
Yeah, I don't see why you can't have one login, and if someone is a freelancer and a buyer, they have the options to do both tasks from the single login.
You can get around duplicate emails, by storing the email as a guid + email for the member, and creating a custom property on the Member Type for the real email address.
How about when you create a user, their username gets stored in Umbraco as usernamebuyer or usernamefreelancer.
Your login form has Username: Password: freelance or buyer
The user types in their normal username, and selects 'buyer' before attempting to login you add "buyer" to their username, and try to authenticate them, if they select freelancer you append "freelancer" - get current member should only return the one user, depending on the type they have logged in as ?
Great idea, I'll try this next, thanks for you help.
is working on a reply...