Geek Answers Handbook

How to save user settings in MVC3

I have an MVC3 application, and I would like to give users the ability to set preferences that will be enabled when a user logs in.

I really don’t know where to start, and I would really like to be pointed in the right direction. I really tried some changes in the membership class, but now I think that probably is not the best way to do things.

+4
source share
3 answers

You can do this in a database (it looks like you are probably using one, at least with a membership provider in the box) that uniquely identifies the user. In this case, you can implement your own membership provider.

You need to do a little work to start implementing your own provider. If this is your only requirement, you can avoid this by writing your own class that returns settings in the format you choose

public static class UserSettings { public static string GetSettings(IPrincipal user) { if(user.Identity.IsAuthenticated) { // dip into database using user.Identity.Name property return "string with user settings"; // this also assumes user.Identity.Name is uniquely able // to identify a user in your database! } return string.Empty; } }

Or, if the information is completely trivial, perhaps you can implement the presentation of cookie settings. This, of course, is connected with all warnings about the use of cookies, but you can avoid storing information in a database.

HttpContext there is an HttpContext , you can get the settings value like this:

 if(HttpContext.Current != null) { string userSettings = HttpRequest.Current.Request.Cookies["NameOfCookie"]; }
+1
source

You can use the FormsAuthentication cookie to store user information and not access the database all the time. This cookie is encrypted and all the information you store is as secure as the user's session. The only problem with cookies is that they have a maximum size of 4K, so if your user information is massive, then you may have a problem. When I use the cookie method, I save my user data as JSON and then deserialize the JSON on each page request. Here is my logic controller logic (I use SimpleMembership, but the approach is the same:

  public ActionResult Login(LoginModel model, string returnUrl) { if (ModelState.IsValid && WebSecurity.Login(model.UserName, model.Password, model.RememberMe)) { var authCookie = Request.Cookies[FormsAuthentication.FormsCookieName]; if (authCookie != null) { var authTicket = FormsAuthentication.Decrypt(authCookie.Value); if (authTicket != null) { var user = _userLogic.GetItem(model.UserName); if (user != null && user.IsActive) { var newAuthTicket = new FormsAuthenticationTicket(authTicket.Version, authTicket.Name, authTicket.IssueDate, authTicket.Expiration, authTicket.IsPersistent, JsonConvert.SerializeObject(user)); var newCookie = new HttpCookie(FormsAuthentication.FormsCookieName, FormsAuthentication.Encrypt(newAuthTicket)) { Expires = authCookie.Expires }; Response.Cookies.Add(newCookie); return RedirectToLocal(returnUrl); } WebSecurity.Logout(); ModelState.AddModelError("UserName", "This account has been deactivated."); return View(model); } } } // If we got this far, something failed, redisplay form ModelState.AddModelError("", "The user name or password provided is incorrect."); return View(model); }

Note the creation of newAuthTicket and how the user instance is passed to it as JSON. After that, all I have to do is desirialize this user object in my OnAuthorization method base controller:

  protected override void OnAuthorization(AuthorizationContext filterContext) { var authCookie = Request.Cookies[FormsAuthentication.FormsCookieName]; if (authCookie != null) { var authTicket = FormsAuthentication.Decrypt(authCookie.Value); if (authTicket != null) { var principal = new CustomPrincipal(HttpContext.User.Identity) { CurrentUserInfo = JsonConvert.DeserializeObject<User>(authTicket.UserData) }; HttpContext.User = principal; AppUser = principal.CurrentUserInfo; ViewBag.AppUser = AppUser; } } base.OnAuthorization(filterContext); }
+1
source

Create a new table in your database.

-1
source

More articles:


All Articles