Code First Membership



Last updated: January 28th, 2024

This is the third and final part in a series on building an article system with continuous deployment in ASP.NET MVC 4. Previously I created a Code First database and set up a way to have automated deployment. I now have the site synchronizing to my remote server and database with testing. I need to have a way to secure my site so that only I can make blog posts. To add membership I'm going to install a NuGet package for CodeFirstMembership:

PM> Install-Package CodeFirstMembershipProviderSharp -ProjectName MySite
This adds several files to the project that allow specification of fields. When I run the project, click register and make an account, it goes out and creates a database on my local SQLExpress instance for the context. This is easy to set up but I don't want to have multiple databases, I want my membership and blogging tables to be in the same database.
To have this membership provider work with my local database I will want to first delete the database it created in my SQLExpress. Although ASP.NET is defaulting my database to a context name in SQLExpress when run on my local machine, I want to combine all of my site contexts into one database. One way to do that is to have a base context but in code first migrations having multiple contexts with a single database won't work. This appears to be a limitation on Entity Framework 5, future releases may resolve this issue. So I have to go through all my contexts and consolidate them to be a single context.
After putting all of my Models in the same namespace and combining all of my contexts to a single context, I can add a new migration and Entity Framework can scaffold this for me. Now I have refactored the code first migration membership code to work with a single context and will update my database for my web project. I want to make sure I any default membership and roles providers in my Web.config so that when I run my site I can control where it stores my membership information. After doing this I can run my site and register an account.
Now that I have an account, it's time to prevent just anyone from going to my articles index and writing an article. I want to be the only one who can create articles on the site right now so I want to place the [Authorize] attribute on my ArticlesController class. Now when I run my site I can see that it's only going to allow me to access the articles controller if I am logged in, otherwise it bounces me to the login page. I'll want to refactor the scaffolded code so that people can see articles but not create them. I'll need to make adjustments to the Web.config, namespaces, initializers, correct errors that are identified by FxCop and then deploy the site. After doing that I can create an account on my live site, it doesn't migrate the data in my local database, my local and remote database are two different data stores.
My site now is backed up in version control, works with automated deployment of both my website and database and has a membership provider. I can now finally focus on making the UI, moving Razor and C# code around. I'm going to scrap the default styles that ASP.NET provides and download HTML5 Boilerplate because it looks much better to me. One benefit of HTML5 Boilerplate is that I can select to have a response layout, that will enable tablets, mobile and desktop devices to all see my site in an optimized fashion. I am also going to add a WYSIWYG editor, CKEditor via NuGet, so that I can work on articles with something more representative than a text box. This is a great text editor, it allows a simple JavaScript file and textarea to be all that I'll need. It allows me to go full screen, put links, edit the source and lots of other usefulness.
I'll need to adjust my controllers and my views so that I can allow commenting, prevent unwanted registrations and create clean URLs for my articles. Once I have all of this complete, I'll be able to host my own articles and allow commenting on them. The membership provider that I've installed is a great and fast way to have a custom provider where I can change the primiary key to an Integer and not a Guid. This is much more useful than the autogenerated one that ASP.NET comes with because that pumps a database full of tables and stored procedures which are less than ideal to edit. I've now got a full fledged article system with continuous deployment, commenting and a rich text editor.

Comments

No Comments

Post Comment

Prove you are human 2 + 11 =

Tagged: PowerShell


Join my email list!



ryan
About Me

With over 15 years in tech, I've excelled as a senior software engineer, specializing in ASP.NET, C#, SQL, Azure, and front-end technologies. I've led diverse projects across various sectors, from startups to global corporations, particularly during my decade in the San Francisco Bay Area.


Sign Up With SoftSys Hosting! (My host)