How do I enable multiple account types in asp.net mvc

Question

I am creating an MVC site where there should be 2 types of users. For simple purposes the users are (User, Sales). That is a user named Steve should be able to exist as a separate account as a User or Sales. How do I model this with asp.net identity since it only allows 1 user profile and registration/login flow? Do I need 2 separate sites?

I've read what I want to do is create a multi-tenant application but I haven't seen any great examples of this with asp.net mvc. Ideally I want users to goto www.foo.com and consume "stuff" that Sales users create at www.foo.com/Sales. A user will register at www.foo.com and have their own flow, and a user will register at www.foo.com/Sales and have their own product creation flow.

What is the best way to model this with EF code first and ASP.net identity?

My thoughts:

• 2 seperate sites - But then can I share the 2 DBContext on each site through a class library perhaps?

Answer 1

For your purposes you should use custom membership provider. This is the link with article about it http://logcorner.wordpress.com/2013/08/29/how-to-configure-custom-membership-and-role-provider-using-asp-net-mvc4/. Also there is How do I create a custom membership provider for ASP.NET MVC 2? about how to create custom membership Provider

Answer 2

Example of a custom membership provider (please note this is an old code of mine, so you shoul try to optimize it ):

public class UsersProvider : RoleProvider
 {

     public override void AddUsersToRoles(string[] username, string[] roleName)
    {
        using (SmaCareEntities db = new SmaCareEntities())
        {
            List<int> ulist = (from u in db.Users
                               where username.Contains(u.UserName)
                               select u.RoleId).ToList();

            List<int> rlist = (from r in db.Roles
                               where roleName.Contains(r.Name)
                               select r.Id).ToList();


            var urlist = (from r in rlist
                          select new Role { Id = r }).FirstOrDefault();
            db.Roles.Attach(urlist);
            db.ObjectStateManager.ChangeObjectState(urlist, EntityState.Modified);
            db.SaveChanges();

        }
    }

    public override string ApplicationName
    {
        get
        {
            throw new NotImplementedException();
        }
        set
        {
            throw new NotImplementedException();
        }
    }

    public override void CreateRole(string roleName)
    {
        throw new NotImplementedException();
    }

    public override bool DeleteRole(string roleName, bool throwOnPopulatedRole)
    {
        throw new NotImplementedException();
    }

    public override string[] FindUsersInRole(string roleName, string usernameToMatch)
    {
        using (SmaCareEntities db = new SmaCareEntities())
        {

            User user = db.Users.FirstOrDefault(u => u.UserName.Equals(usernameToMatch, StringComparison.CurrentCultureIgnoreCase) || u.Email.Equals(usernameToMatch, StringComparison.InvariantCultureIgnoreCase));
            var roles = from r in db.Roles
                        where user.RoleId == r.Id
                        select r.Name;
            if (roles != null)
                return roles.ToArray();
            else return null;

        }

    }

    public override string[] GetAllRoles()
    {
        throw new NotImplementedException();
    }

    public override string[] GetRolesForUser(string username)
    {
        using (SmaCareEntities db = new SmaCareEntities())
        {

            User user = db.Users.FirstOrDefault(u => u.UserName.Equals(username, StringComparison.CurrentCultureIgnoreCase) || u.Email.Equals(username, StringComparison.InvariantCultureIgnoreCase));
            var roles = user.Role.Name;

            if (roles != null)
                return new string[] {roles};
            else
                return new string[] { };

        }
    }

    public override string[] GetUsersInRole(string roleName)
    {
        throw new NotImplementedException();
    }

    public override bool IsUserInRole(string username, string roleName)
    {
        using (SmaCareEntities db = new SmaCareEntities())
        {
            User user = db.Users.FirstOrDefault(u => u.UserName.Equals(username, StringComparison.CurrentCultureIgnoreCase) || u.Email.Equals(username, StringComparison.CurrentCultureIgnoreCase));
            if (user != null)
            {
                var roles = user.Role.Name;

                if (user != null)
                    return roles.Equals(roleName, StringComparison.CurrentCultureIgnoreCase);
                else
                {
                    return false;
                }
            }
            else
                return false;

        }
    }

    public override void RemoveUsersFromRoles(string[] usernames, string[] roleNames)
    {
        throw new NotImplementedException();
    }

    public override bool RoleExists(string roleName)
    {
        throw new NotImplementedException();
    }
}

Usage example:

    [Authorize(Roles = "Administrator")]   // this is the line where your membership provider checks if current user in "Administrator" role
    public ActionResult ProductList(string keyword, int? page)
    {
        return View(MainService.GetProducts(keyword, page));
    }

    [Authorize(Roles = "Administrator")]
    public ActionResult Delete(int id)
    {
        MainService.Delete(id);
        return RedirectToAction("ProductList");
    }

Don't forget to add this in your web.config file :

<roleManager enabled="true" defaultProvider="UsersProvider"> <providers> <clear/> <add name="UsersProvider" type="BusinessLogic.Users.UsersProvider" /> </providers>

Also, in your database you should have an User table and a Role table with a 1 to N relation ( use a foreign key - Id_role in your User table )