Last post Nov 02, 2009 11:19 AM by nicequy
Nov 01, 2009 05:42 PM|m784|LINK
I'm aware of the
LiveID documentation, and blog posts by
Maarten Balliauw and
Peter Bromberg on the matter. I may be mistaken, but I believe Maarten's solution no longer works as it was designed for an old version of MVC.NET. Peter's post specifically addresses ASP.NET, not MVC. It probably wouldn't be too hard to adapt Peter's
strategy for MVC though. However, I thought I'd ask if there were specific examples out there of using LiveID with MVC.NET. Are there?
I currently have things working without using the Membership provider. However, this means I can't use the [Authorize] action filter or MVC.NET's User object. I'm on version 2 preview 2, if that matters.
Nov 02, 2009 01:56 AM|nicequy|LINK
I have implemented quite a few MVC sites with Live ID and I found the best solution for me was to write my own Authorize filter...which is very, very easy to do. Works like a champ.
Hope this helps,
Nov 02, 2009 02:53 AM|m784|LINK
Coincidentally, shortly after I made my original post I thought to make a custom Authorize filter and got things working very easily. However, I'm still uncertain about keeping the Membership provider in place. Also, I'm considering getting rid of the
Account controller also. However, if I keep both the Membership provider in place, I can still do things like check when the user last logged in. The Account controller makes it easy to set cookies for authenticated users.
Can you elaborate on your solution? Are you using a Membership provider? How about the Account controller? Cookies?
Nov 02, 2009 11:19 AM|nicequy|LINK
Well, I ended up not using the Membership provider because it is primarily used for authentication and that is taken care of by Live Id so I didn't need the Membership provider for anything else. I could see maybe wanting to use the Role or Profile providers.
I personally do not like the way that profile information is stored using the SqlProfileProvider so I avoid it.
In my solutions, I created a LiveIdAuthorize filter, a LiveContext so that I could encapsulate things like cookie and PUID retrieval, and a UserController that handled sign in and out and updating user information. User information (including roles) was
stored in Sql and retrieved using typical mechanisms. The Authorize filter just makes this simple and straightforward to implement without the providers not to mention extremely testable.