What is the alternative to Membership.ValidateUser() in SimpleMembership? I use WebSecurity.Login to validate the current user, but I have a situation where a user has to enter their password again to change some user settings. Should I just use WebSecurity.Login again? Seems like overkill.
Asked
Active
Viewed 1,302 times
4
Mike Cole
- 14,474
- 28
- 114
- 194
-
You can work it arround Login out the user, store the url that will be used to redirect after the login, login the user again, and then redirect it – Fals Sep 18 '13 at 14:55
-
Thanks for the note, but I'm looking for a better method. – Mike Cole Sep 18 '13 at 14:58
-
Maybe, Redirect the user to an alternate login page that makes him enter the credentials, then if its all ok redirect it to a NonAction, that can be acessed only by server! – Fals Sep 18 '13 at 15:07
-
Thanks again, but that's still hackish. In old Membership I could just call `ValidateUser` and all was good. I'm holding out hope. – Mike Cole Sep 18 '13 at 15:10
1 Answers
8
I also needed to just validate a user in SimpleMembership and I think I found a good solution. You just need to grab the membership provider and call the method from there. Here is how I did it.
public static bool ValidateUser(string userName, string password)
{
var membership = (WebMatrix.WebData.SimpleMembershipProvider)Membership.Provider;
return membership.ValidateUser(userName, password);
}
I created unit test for this and verified that it works. You can get a list of the methods available for this membership provider here.
I added this to the open source project SimpleSecurity, which looks at ways to extend SimpleMembership and provides examples on how to use SimpleMembership. It also decouples SimpleMembership from your MVC application.
Kevin Junghans
- 17,475
- 4
- 45
- 62