How to get info about logged user in my controller (MVC Player) in composite c1?
As you were doing in normal asp.net application do the same trick
To Get the user name
string userName = System.Security.Principal.WindowsIdentity.GetCurrent().Name;
Related
Here is the scenario :
USER 1
1) Goes to login page
2) Writes email and password which are sent to the server by a mutation
3) Authentication OK -> the server returns a token and user informations (id, firstName, lastName)
4)The token and each user information are stored in a separate key in local storage
5) The user is redirected to the HomePage
6) The user goes to Profile Page
7) A query is sent to the server to retrieve all the informations about that user (thanks to the user id stored in local storage)
Here is the query :
const PROFILE_QUERY = gql`
query profileQuery($id: ID!) {
getUser(id: $id) {
firstName
lastName
email
}
}
`;
export default graphql(PROFILE_QUERY, {
options: {
variables: {
id: localStorage.getItem("id")
},
errorPolicy: "all"
}
})(ProfilePage);
8) The server returns the informations and the user can see them in the Profile Page
9) The user decides to logout
So everything is working for the first user, now a second user arrives at the same computer and the same browser.
USER 2
Same steps than the previous user from 1 to 7
The query sent to the server to retrieve user informations is not working because the id sent by the query is the id of the previous user (and a user is not allowed to retrieve informations about an other user)
If I do a browser refresh the query is sent with the good user id...
So why the id variable is not refreshed (seems like the id value in local storage is not read) at the first attempt ? How can I resolve this ?
Thank you for your help.
That happens because your options field is static and is evaluated when the file containing the query is first loaded. (I'm assuming somewhere, perhaps steps 3 or 4, the id in local storage is updated correctly for the second user.)
config.options can be an object like the one you are passing now or a function that is evaluated when needed by the query.
So to load the id from the localStorage each time instead of just once, you can do something like this:
options: () => ({
variables: {
id: localStorage.getItem("id")
},
errorPolicy: "all"
})
Then first user logged out, you need to reset Apollo store and clear local storage.
I want users to be able to log in with facebook/google via a mobile app(android and ios) and/or a website(built with asp.net MVC)...
What should my database be storing to make authentication work across mobile app and website? userId , google/facebook token?
Im unsure how to go about saving user information.
Should I combine this with OWIN? I dont know much about asp.net identity but have seen that it fairly straight forward with 3rd party providers....the question is if i login from the mobile app for the first time should i programatically add the new user to the database?
So far I think this seems like the best link: http://bitoftech.net/2014/07/16/enable-oauth-refresh-tokens-angularjs-app-using-asp-net-web-api-2-owin/
but I'm hoping theres a simpler way.
Im getting google/fb tokens and sending them to the server to get the ids of the users...
What do i need to do here, so that if the google/fb user logs in through the web, they will be recognised as the same user.
It seems like MS have made it so easy to use ASP.Net Identity to set up social login for the web, but have ignored how that can be used with mobile to use a sql server db to store user/membership details...
Just trying to work out the best way of managing users for mobile and web as one
This link describes everything you are looking for http://www.asp.net/mvc/overview/security/create-an-aspnet-mvc-5-app-with-facebook-and-google-oauth2-and-openid-sign-on
What you have to store in the database in order to check if user already exist in your database or not can be get from the response you will get from Facebook or Google after a users credential verified, Facebook & Google must be giving the details of the users back in response. like Email Id, Date of birth etc., you can save these details in your database and at every login check it user already exist or not and register accordingly.
Details that comes in response is mentioned in another post WebApi ASP.NET Identity Facebook login
public class FacebookLoginModel
{
public string token { get; set; }
public string username { get; set; }
public string userid { get; set; }
}
public class FacebookUserViewModel
{
public string id { get; set; }
public string first_name { get; set; }
public string last_name { get; set; }
public string username { get; set; }
public string email { get; set; }
}
It's relatively straightforward for Google Sign in.
The easiest way is for you to store the unique ID in your local database that Google returns for each account that you authenticate with it.
You can call the getSignInAccount method after the sign-in intent succeeds.
Auth.GoogleSignInApi.getSignInResultFromIntent(data);
GoogleSignInAccount acct = result.getSignInAccount();
String personName = acct.getDisplayName();
String personEmail = acct.getEmail();
**String personId = acct.getId();**
Uri personPhoto = acct.getPhotoUrl();
And whether the person signs in from the phone or the mobile, you know it is the same person. More details at https://developers.google.com/identity/sign-in/android/people
In any case, you will have to programmatically store the user in your database every time someone new logs in. So you will have to store their personID as an additional field to authenticate them overtime.
I am new to ASP.NET MVC Forms Authentication and have just started to create my own Custom Membership Provider. My ValidateUser and ChangePassword methods work but now I want to use the GetUser method to return the current user's data throughout my site. My AX method returns an AxaptaRecord which contains details of the user, like their phone number, company name etc.. How would I use this with the GetUser method?
You just need to create a new instance of MembershipUser object and populate properties from the AxaptaRecord object, here is some pseudocode:
MembershipUser user = new MembershipUser("AX",
(string)axRecord.get_Field("name"),
axRecord.get_Field("recid"),
email, //get this from SysUserInfo table
string.Empty,
string.Empty,
(bool)axRecord.get_Field("enable"),
!(bool)axRecord.get_Field("enable"),
(DateTime)Convert.ChangeType(axRecord.get_Field("createdDateTime"), typeof(DateTime)),
DateTime.MinValue,
DateTime.MinValue,
DateTime.MinValue,
DateTime.MinValue);
Then you return user from your GetUser method. See the GetUser method description here: http://msdn.microsoft.com/en-us/library/f1kyba5e.aspx
Controller:
var userDetails = System.Web.Security.Membership.GetUser(username);
Then, there are many different ways for you to pass the data to View.
Each way has its advantage and disadvantage.
For details, please click here.
Model strongly-typed view can let you easily handle validation and generate data but not very good in display data if you have more than one table.
In my MVC application I am using membership service . I need a page to list the users. But there are 1000's of users are in my application. So i don't need to display all of them in one page.
I am planning to give a search option .I mean admin user can search by specifying user role and how many users can show in one page.How can i do this ? Any ideas?
current code
Model
public MembershipUserCollection Users { get; set; }
Controller
model.Users = Membership.GetAllUsers();
But i am getting all users in the application.
You probably want to query your role provider:
public ActionResult Foo()
{
string[] usernamesInRole = Roles.GetUsersInRole("some_role");
...
}
I create a new user, approve them, then immediately attempt to authenticate with the credentials I just used to create the user...and get "false" back the Authenticate method.
string username = "me";
string password = "mypassword";
string email = "me#domain.com";
Membership.CreateUser(username, password, email);
currentUser = Membership.GetUser(username);
currentUser.IsApproved = true;
bool isAuthenticated = FormsAuthentication.Authenticate(username, password);
I checked the database table -- the user is created with that username, password, and email. According to the database table, they are approved.
Yet, the Authenticate method still returns false.
You need to call the UpdateUser method after you change their approved status...
Membership.UpdateUser(currentUser);
http://msdn.microsoft.com/en-us/library/system.web.security.membershipuser.isapproved.aspx
Likely that the authentication mechanism is using a different data store under the covers that has yet to be cascade to.