
Account management in application based on HotTowel


I have built an application based on HotTowel template and so far it looks great. With a minor problem... It has no account management. SimpleMembership and SimpleRole have been implemented and so far everything works as intended. Accounts are based on ASP.NET MVC SPA template. What I can do is - add new Users only in Seed method (there should be no register, only administrator can add people) and once they are set, they can't be changed. It is not a problem to include views from SPA template and use those for management, but that doesn't fit into HotTowel very well. Only login fits into this, and logout is being handled in a weird way - hidden written in index.cshtml and then being called with:

$("#hiddenLogoutForm").submit()

The question is - how should I handle account management with currently built application? Would this be the time to introduce 2nd breeze manager to handle UserContext or is there any better way? Considering I already use AccountController for login and logout, would it be good to make BreezeAccountController (or similar name) just for breeze read/writes? Would login/logout still work as intended if I just added [BreezeController] decorator to AccountController? How to best connect Roles and User info? Password changes? Only UserProfile is visible in the context by default so any other change will have to be saved through some other Action method. Is it worth trying with breeze or just simply write ajax calls?

Any suggestions are welcome.

Thanks in advance!


Solution

  • So, here is how I handled it:

    I made a copy of AccountController and called it BreezeAccountController and gave it [BreezeController] attribute. After that I did a bit of a clean-up and left only methods I wanted and added a couple more. Also, changed it to use UsersContext.

    All data that is allowed to be [HttpGet] works perfectly with Breeze. For everything else except SaveChanges, I had to write my own ajax calls. Fortunately, it is as simple as this:

            return $.ajax({
                type: "POST",
                url: "./breeze/breezeAccount/ActionMethod",
                data: JSON.stringify(data),
                success: querySucceeded,
                dataType: 'json',
                contentType: 'application/json; charset=utf-8'
            });
    

    What might be hard is how to read data, but that is pretty simple as well. Variable data on client is a simple object with some properties. On server, I added a new class with exactly the same properties as JSON-ed data on client and then my action method looks like this:

        [HttpPost]
        [Authorize(Roles = "Admin")]
        [System.Web.Mvc.ValidateAntiForgeryToken]
        public object ActionMethod(PostedData data)
        {
            // usage: data.property1
            // and do whatever you want, register, validate, change etc..
        }
    

    Making some methods POST and not being able to use breeze for them might seem a bit clumsy, but for account management, I think it's worth the trouble.
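
Added example, not part of the original answer or of the HotTowel/Breeze code: assuming BreezeAccountController derives from Web API's ApiController (the controller type [BreezeController] is written for), MVC filters such as System.Web.Mvc.ValidateAntiForgeryToken are not executed by the Web API pipeline, so a JSON POST like the one above needs a Web API authorization filter to enforce the anti-forgery token. The filter name and the RequestVerificationToken header name are assumptions, as is that index.cshtml renders @Html.AntiForgeryToken().

```csharp
using System;
using System.Collections.Generic;
using System.Linq;
using System.Net;
using System.Net.Http;
using System.Web.Helpers;
using System.Web.Http.Controllers;
using System.Web.Http.Filters;

// Hypothetical filter (name chosen for this example). Apply it to the POST action
// as [ValidateApiAntiForgeryToken] next to [HttpPost] and [Authorize(Roles = "Admin")].
[AttributeUsage(AttributeTargets.Method | AttributeTargets.Class)]
public sealed class ValidateApiAntiForgeryTokenAttribute : AuthorizationFilterAttribute
{
    // Assumed header name; the client must send the form token under this name.
    public const string HeaderName = "RequestVerificationToken";

    public override void OnAuthorization(HttpActionContext actionContext)
    {
        HttpRequestMessage request = actionContext.Request;
        try
        {
            // Cookie half of the token pair, issued when the hosting page
            // rendered @Html.AntiForgeryToken().
            var cookie = request.Headers
                .GetCookies(AntiForgeryConfig.CookieName)
                .Select(c => c[AntiForgeryConfig.CookieName])
                .FirstOrDefault();
            string cookieToken = cookie == null ? null : cookie.Value;

            // Form half of the pair. A JSON body has no form field, so the
            // client copies the hidden input's value into a request header.
            IEnumerable<string> values;
            string formToken = request.Headers.TryGetValues(HeaderName, out values)
                ? values.FirstOrDefault()
                : null;

            // Throws when either half is missing, malformed, mismatched,
            // or was issued to a different user.
            AntiForgery.Validate(cookieToken, formToken);
        }
        catch (System.Web.Mvc.HttpAntiForgeryException)
        {
            // Setting a response here short-circuits the action.
            actionContext.Response = request.CreateErrorResponse(
                HttpStatusCode.Forbidden, "Anti-forgery validation failed.");
        }
    }
}
```

On the client, the $.ajax call would add a headers option carrying the value of the hidden input named __RequestVerificationToken under the same header name. A POST that omits the header should then return 403, which is a quick check that the filter is active.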