I'm just starting out learning ASP.NET MVC. I'm working on a project created with the standard project template which by default uses a SqlMembershipProvider. This has automatically created a ASPNETDB.mdf database in my project to hold membership information. How can I associate the members stored in this database with my actual application data?
我刚开始学ASP。净MVC。我正在开发一个使用标准项目模板创建的项目,该模板默认使用SqlMembershipProvider。这将自动创建一个ASPNETDB。我项目中的mdf数据库保存会员信息。如何将存储在此数据库中的成员与实际的应用程序数据关联起来?
Should I simply reference the current user's name in my action methods using this.User.Identity.Name to use as a key when storing or retrieving user specific information to and from my application's database? Or should I be using this.User.Identity.UserId instead? I always thought integer based IDs were much faster to look up vs string or GUID base IDs. But the primary key of the aspnet_Users table is a GUID field.
我是否应该使用this.User.Identity在操作方法中引用当前用户的名称。在向我的应用程序的数据库存储或检索用户特定信息时使用的名称?或者我应该使用this。user。identity。用户标识呢?我一直认为基于整数的id查找字符串或GUID的id要快得多。但是aspnet_Users表的主键是GUID字段。
Is there any difference between this.user vs this.HttpContext.User? What about the IPrincipal returned from these properties vs the MembershipUser returned from Membership.GetUser(). What is the difference between these?
这两者之间有什么区别吗?用户对this.HttpContext.User ?那么从这些属性返回的IPrincipal与从Membership.GetUser()返回的MembershipUser()之间的IPrincipal是什么呢?它们之间有什么区别?
Also, is it best to keep the membership information in a separate database from the application database? Or is it ok to merge them together into a single database?
此外,是否最好将成员信息保存在与应用程序数据库分开的数据库中?还是可以将它们合并到一个数据库中?
3 个解决方案
#1
1
There's a few elements to your question, a few points:
你的问题有几个要点:
I normally use the identity name as it's typically more efficient to use. The get user function gets the full user data from the database and updates the last access time. The IPrinciple doesn't require this and uses in memory data. As such the username property is quicker and more readily available. The main caveat would be if you might allow users to change their user name, in which case the ID would make more sense.
我通常使用标识名,因为使用它通常更有效。get user函数从数据库获取完整的用户数据,并更新最后的访问时间。IPrinciple不需要这个,并在内存数据中使用。因此,用户名属性更快更容易获得。主要的警告是,如果允许用户更改他们的用户名,那么ID将更有意义。
It sounds like you are making considerations for having a lot of user related records. You are right, integers are the quickest to look up. If you have large volumes of data then you might want to map your users to an integer, either by extending the membership provider or by adding a mapping table.
这听起来好像你在考虑有很多用户相关的记录。你是对的,整数是查询最快的。如果您有大量的数据,那么您可能希望通过扩展成员资格提供程序或添加映射表将用户映射到一个整数。
As for the this.User vs HttpContext.User, no difference.
至于这个。用户对HttpContext。用户,没有区别。
#2
1
The default template should give you an "AccountModel" in the Models folder which creates wrappers for some of the formsauthentication/membership functions. you can extend on that and add a function to return the current "HttpContext.Current.User" which is an IPrincipal stored in the current HttpContext. With the Name property from that you could query Membership by username to get the Membership data (the IPrincipal just stores the very basics such as username,roles,etc the MembershipUser has all the other data pulled from the db).
默认模板应该在模型文件夹中为您提供一个“AccountModel”,它为一些formsauthentication/membership函数创建了包装器。您可以对此进行扩展,并添加一个函数来返回当前的“HttpContext.Current”。User”是存储在当前HttpContext中的IPrincipal。使用Name属性,您可以按用户名查询成员资格以获取成员资格数据(IPrincipal只存储最基本的数据,如用户名、角色等,MembershipUser拥有从db中提取的所有其他数据)。
The SqlMembershipProvider is pretty crappy imo and limiting other than for small projects...and at the same time waay to complicated. I'm using it now on a site with 2000+ accounts and it's a pita if you want to customize anything. It's better off (and there is lots of examples on the net) just to write your own that uses formsauthentication and get rid of the Membership crap. I have one now I wish I wrote one to begin with.
SqlMembershipProvider在我看来是相当糟糕的,除了小型项目之外,它还受到限制…同时也变得复杂。我现在在一个有2000多个账户的网站上使用它,如果你想定制任何东西,它是一个pita。最好是自己编写一个使用formsauthentication的程序,去掉那些会员制的垃圾。我现在有一个,我希望我写一个开始。
#3
0
In apps where I have used SqlMembershipProvider, I have typically stored its tables/sprocs in the same DB as my application tables and then linked my app tables to the user tables using a foreign key. The one time I didn't do it this way was when one user database was going to be shared between multiple distinct applications that each had their own app database.
在使用SqlMembershipProvider的应用程序中,我通常将其表/sprocs存储在与应用程序表相同的DB中,然后使用外键将应用程序表链接到用户表。我没有这么做的一次是当一个用户数据库在多个不同的应用之间共享时每个应用都有自己的应用数据库。
#1
1
There's a few elements to your question, a few points:
你的问题有几个要点:
I normally use the identity name as it's typically more efficient to use. The get user function gets the full user data from the database and updates the last access time. The IPrinciple doesn't require this and uses in memory data. As such the username property is quicker and more readily available. The main caveat would be if you might allow users to change their user name, in which case the ID would make more sense.
我通常使用标识名,因为使用它通常更有效。get user函数从数据库获取完整的用户数据,并更新最后的访问时间。IPrinciple不需要这个,并在内存数据中使用。因此,用户名属性更快更容易获得。主要的警告是,如果允许用户更改他们的用户名,那么ID将更有意义。
It sounds like you are making considerations for having a lot of user related records. You are right, integers are the quickest to look up. If you have large volumes of data then you might want to map your users to an integer, either by extending the membership provider or by adding a mapping table.
这听起来好像你在考虑有很多用户相关的记录。你是对的,整数是查询最快的。如果您有大量的数据,那么您可能希望通过扩展成员资格提供程序或添加映射表将用户映射到一个整数。
As for the this.User vs HttpContext.User, no difference.
至于这个。用户对HttpContext。用户,没有区别。
#2
1
The default template should give you an "AccountModel" in the Models folder which creates wrappers for some of the formsauthentication/membership functions. you can extend on that and add a function to return the current "HttpContext.Current.User" which is an IPrincipal stored in the current HttpContext. With the Name property from that you could query Membership by username to get the Membership data (the IPrincipal just stores the very basics such as username,roles,etc the MembershipUser has all the other data pulled from the db).
默认模板应该在模型文件夹中为您提供一个“AccountModel”,它为一些formsauthentication/membership函数创建了包装器。您可以对此进行扩展,并添加一个函数来返回当前的“HttpContext.Current”。User”是存储在当前HttpContext中的IPrincipal。使用Name属性,您可以按用户名查询成员资格以获取成员资格数据(IPrincipal只存储最基本的数据,如用户名、角色等,MembershipUser拥有从db中提取的所有其他数据)。
The SqlMembershipProvider is pretty crappy imo and limiting other than for small projects...and at the same time waay to complicated. I'm using it now on a site with 2000+ accounts and it's a pita if you want to customize anything. It's better off (and there is lots of examples on the net) just to write your own that uses formsauthentication and get rid of the Membership crap. I have one now I wish I wrote one to begin with.
SqlMembershipProvider在我看来是相当糟糕的,除了小型项目之外,它还受到限制…同时也变得复杂。我现在在一个有2000多个账户的网站上使用它,如果你想定制任何东西,它是一个pita。最好是自己编写一个使用formsauthentication的程序,去掉那些会员制的垃圾。我现在有一个,我希望我写一个开始。
#3
0
In apps where I have used SqlMembershipProvider, I have typically stored its tables/sprocs in the same DB as my application tables and then linked my app tables to the user tables using a foreign key. The one time I didn't do it this way was when one user database was going to be shared between multiple distinct applications that each had their own app database.
在使用SqlMembershipProvider的应用程序中,我通常将其表/sprocs存储在与应用程序表相同的DB中,然后使用外键将应用程序表链接到用户表。我没有这么做的一次是当一个用户数据库在多个不同的应用之间共享时每个应用都有自己的应用数据库。