custom membership provider that use umbraco roles - Extending Umbraco and using the API

Go to solution

Press Ctrl / CMD + C to copy this to your clipboard.

Copied to clipboard

Flag this post as spam?

This post will be reported to the moderators as potential spam to be looked at

Bo Jacobsen 609 posts 2408 karma points

May 16, 2018 @ 14:16

Custom Membership Provider that use Umbraco roles.

Hey Everyone.

Using Umbraco Version 7.10.4

I am a bit stuck, and need some help.

How do i create a Custom Membership provider that uses Umbraco MemberRoles? What i want is that i authendicate against another database, but want to be able to set and use the MemberRoles from the backoffice.

Is that possible?

What i am trying to do is this. the question is if i have to implement IPrincipal and/or Umbraco.Web.Security.Providers.MembersRoleProvider too? Or if we simply can add a role somewhere here, like i tried too with userData?

public class CustomMembershipProvider : Umbraco.Web.Security.Providers.MembersMembershipProvider
{
    public override bool ValidateUser(string username, string password)
    {
        /*
            * Custom code for Authenticate user
            */

        if (true)
        {
            var roles = new string[] { "A", "B" };

            var userData = JsonConvert.SerializeObject(roles);

            var ticket = new FormsAuthenticationTicket(1, username, DateTime.Now, DateTime.Now.AddYears(1), true, userData);

            var encryptedTicket = FormsAuthentication.Encrypt(ticket);

            FormsAuthentication.SetAuthCookie(username, true);

            return true;
        }

    }
}

Copy Link

Mike Chambers 636 posts 1253 karma points c-trib

May 16, 2018 @ 16:42

1

This might give you a starting point...

https://pstokes.co.uk/posts/umbraco-members-and-identity-server-part-3/

Copy Link

Bo Jacobsen 609 posts 2408 karma points

May 17, 2018 @ 08:52

Thanks Mike.

We got it working. So we can log in and set FormsAuthenticationTicket with userdata as roles.

Code to set FormsAuthenticationTicket after succesfull custom login.

var roles = new string[] { "A", "B" };

var userData = JsonConvert.SerializeObject(roles);

var ticket = new FormsAuthenticationTicket(1, username, DateTime.Now, DateTime.Now.AddYears(1), true, userData);

var encryptedTicket = FormsAuthentication.Encrypt(ticket);

FormsAuthentication.SetAuthCookie(username, true);

MembersRoleProvider

public class CustomRoleProvider : MembersRoleProvider
{
    public override string[] GetRolesForUser(string username)
    {
        var authCookie = HttpContext.Current.Request.Cookies[FormsAuthentication.FormsCookieName];
        if (authCookie != null)
        {
            var authTicket = FormsAuthentication.Decrypt(authCookie.Value);
            if (authTicket != null)
            {
                var userData = ((FormsIdentity)HttpContext.Current.User.Identity).Ticket.UserData;
                var userInfo = (string[])JsonConvert.DeserializeObject(userData, typeof(string[]));

                return userInfo;
            }
        }

        return new string[0];
    }

    public override bool IsUserInRole(string username, string roleName)
    {
        var userRoles = GetRolesForUser(username);
        return userRoles.Contains(roleName);
    }
}

Copy Link

is working on a reply...

Please Sign in or register to post replies