I need to implement login for users that require not only Username and Password , but also CompanyId. The username is unique only for a company so there could be many occurrences of a username with a different companyId as a record. I tried to extend my current simple membership provider, but i guess that is not working for me(How to make WebSecurity.Login to login using username or email?). My UserProfile table looks like this
[Table("UserProfile")]
public partial class UserProfile
{
[Key]
[DatabaseGeneratedAttribute(DatabaseGeneratedOption.Identity)]
public int UserId { get; set; }
public string UserName { get; set; }
public int CompanyId { get; set; }
Can i validate user by userId and password. I need to make something like this:
public class ExtendedSimpleMembershipProvider : SimpleMembershipProvider
{
public override bool ValidateUser(string username, string password, int companyId)
{
int userId = GetUserId(username, companyId);
return SomehowValidateUser(userId, password);
}
private int GetUserId(string username, int companyId)
{
var userId = (from users
in context.UserProfile
where (users.UserName.ToLower() == username) || (users.CompanyId == companyId)
select users.UserId).First();
return userId;
}
}
How would that work ?
It worked out this way :
public static bool ValidateUser(string username, string password, string companyName)
{
int companyId = MyRepository.GetCompanyIdByName(companyName);
int? userId = companyId == 0 ? null : MyRepository.GetUserId(username, companyId);
if (userId.HasValue && userId.Value != 0)
{
var userKey = username + "@" + companyName.ToLower();
return WebSecurity.Login(userKey, password);
}
else
{
return false;
}
}