5

Using ASP.NET membership, if I want to get information for the current user, I can call MembershipUser.GetUser()

So, somehow the system must know the ID of the current user.

If this is correct, and all I want is the ID of the current user, is there a way to get it without returning all the user information from the database?

I know I can get the username of the current user using User.Identity.Name, but I need the ID.

Jonathan Wood
  • 65,341
  • 71
  • 269
  • 466

6 Answers6

10

The short answer is no you can't get only userID without retrieve whole user info when you use built-in membership provider, only by this

    MembershipUser user = Membership.GetUser();
    string UserID = user.ProviderUserKey.ToString();

But if you want to have method or property which retrieve only userID, you must re-implement your own membership provider or(it's simply) to implement IPrincipal interface

Vitaly Zemlyansky
  • 331
  • 1
  • 3
  • 12
2

To return the UserId, use the command bellow in your controller:

User.Identity.GetUserId();

To return the UserName, use:

User.Identity.Name;

To return the user:

var user = db.Users.Find(User.Identity.GetUserId());

Please refer to the post: How to get current user, and how to use User class in MVC5?

Community
  • 1
  • 1
Rafael Fernandes
  • 505
  • 6
  • 10
1

As you've guessed, the Membership API doesn't support what you want out of the box. In the past, I've used a helper class instead of creating my own provider. In this case it's pretty simple, maybe something like this:

public static object GetUserId() {
  return GetUserId(HttpContext.Current.User.Identity.Name, true);
}    
public static object GetUserId(string userName) {
  return GetUserId(userName, true);
}
public static object GetUserId(string userName, bool UpdateLastActivity) {
  using (SqlConnection c = new SqlConnection(CONNECTION_STRING)) {
    string sql = @"
DECLARE @UserId uniqueidentifier
SELECT @UserId=u.UserId
FROM dbo.aspnet_Applications AS a
  ,dbo.aspnet_Users AS u
  ,dbo.aspnet_Membership AS m
WHERE
  a.LoweredApplicationName=LOWER(@ApplicationName)
  AND u.ApplicationId=a.ApplicationId
  AND u.LoweredUserName=LOWER(@UserName)
  AND u.UserId=m.UserId;
IF @UserId IS NOT NULL AND @UpdateLastActivity=1
  UPDATE dbo.aspnet_Users
  SET LastActivityDate=@CurrentTimeUtc
  WHERE UserId=@UserId;
SELECT @UserId  
      ";
    using (SqlCommand cmd = new SqlCommand(sql, c)) {
      cmd.Parameters.AddWithValue("@ApplicationName", Roles.ApplicationName);
      cmd.Parameters.AddWithValue("@UserName", userName);
      cmd.Parameters.AddWithValue("@UpdateLastActivity", UpdateLastActivity);
      cmd.Parameters.AddWithValue("@CurrentTimeUtc", DateTime.UtcNow);
      object id = null;
      c.Open();
      id = cmd.ExecuteScalar();
      return id != DBNull.Value ? id : null;
    }
  }
}

Above is pretty similar to what's done in the Membership API when calling GetUser()

kuujinbo
  • 9,272
  • 3
  • 44
  • 57
  • What I was looking for was something lighter weight given the fact that I could see ASP.NET was caching some of this information. I don't really see any advantage to using your code over something simple like `Membership.GetUser().ProviderUserKey`. – Jonathan Wood Jan 14 '12 at 17:36
  • If you take a look at the `aspnet_Membership_GetUserByName` stored procedure in the `aspnetdb` database, one of the fields queried has a `ntext` data type. You didn't elaborate on what your setup is, so that may or may not be an issue. However, you're missing the point about calling `Membership.GetUser().ProviderUserKey`. You get the user ID, but `Membership.GetUser()` **is executing** `aspnet_Membership_GetUserByName` - run it through SQL Server Profiler to confirm. Never bothered to check what ASP.NET is caching, though. – kuujinbo Jan 14 '12 at 18:02
  • I'm not sure I'm getting your point. Yes, `Membership.GetUser()` returns the entire user record--something I originally wanted to see if I could avoid. But looking at the complexity of the code you posted, I'm just not really seeing that it's going to be all that much faster. So I'm not sure I really see a big advantage. Sorry, I missed your point about `ntext`. Why would it be an issue? (I'm using the latest version of about everything.) – Jonathan Wood Jan 15 '12 at 00:59
  • `aspnet_Membership_GetUserByName` queries 11 fields including `aspnet_Membership.dbo.Comment`, one of the [poorest performing](http://goo.gl/s5RFn) database types in SQL Server. A reasonable assumption, based on your question, is that you want *any* possible optimization. Answer reduces network traffic, especially if you **are** using `MembershipUser.Comment` in your setup (not specified in question). Please don't take this personally, but if you think the answer is "*complex*" you're better off sticking with `Membership.GetUser().ProviderUserKey` (difference not important to you). Good luck. – kuujinbo Jan 15 '12 at 06:41
  • Yes, I do take it personally. It's just a question of trade offs--not what is too complex for me to handle! Beyond that, why couldn't you just change the `ntext` column type in the database? – Jonathan Wood Jan 15 '12 at 16:18
  • Really, the reason I added "don't take this personally..." is **exactly** because I understand **everyone** has different thresholds for complexity :) And *please* think about the consequences of changing the `ntext` column or *any other object* in aspnetdb. Microsoft obviously had their reason(s) when creating the `aspnetdb.dbo.aspnet_Membership` table schema. Maybe it's just me, but I would rather write a little extra code than mess with someone else's (Microsoft's) existing API... – kuujinbo Jan 15 '12 at 18:32
  • I said it's *not* about what's too complex for me to handle. Is there any way to avoid these type of personal implications in a technical discussion? The `ntext` column type is documented as deprecated and I even read it will be removed from future versions. Why did MS use it? Because the membership database was created a very long time ago. – Jonathan Wood Jan 15 '12 at 19:48
0

Consider

int userId = WebSecurity.CurrentUserId;

Credit: https://stackoverflow.com/a/15382691/1268910

Community
  • 1
  • 1
Bolt Thunder
  • 745
  • 6
  • 26
0

You can use MembershipUser.UserName to get the user id or try calling Membership.GetUser(User.Identity.Name) and see if that works for you.

Xtian Macedo
  • 835
  • 5
  • 19
  • No, that is the username, not the ID. And my question was how to get this without retrieving all the user's data, which is exactly what your suggestion does. – Jonathan Wood Jan 14 '12 at 04:52
  • Try with the one I posted after my edit `Membership.GetUser(User.Identity.Name)` – Xtian Macedo Jan 14 '12 at 04:56
  • You've described multiple ways to do exactly what I *don't* want to do. Perhaps you didn't read my question. – Jonathan Wood Jan 14 '12 at 04:57
  • What about this other one? `MembershipUser myObject = Membership.GetUser(); string UserID = myObject.ProviderUserKey.ToString();` I believe that's what you're looking for. – Xtian Macedo Jan 14 '12 at 05:01
  • Of course it works. But it requires reading the entire user record to get the ID. This is exactly what I said in my question I did *not* want to do. It's not clear to me why you're not understanding me, and thanks for the effort, but I think I'm done with this conversation. – Jonathan Wood Jan 14 '12 at 05:57
0

After looking into this further, it seems that the ASP.NET Membership API does not track the user ID after all. It must track just the user name (User.Identity.Name). The ID is not required because Membership.GetUser() can find a user from an ID or user name.

In fact, Membership.GetUser() must simply translate to Membership.GetUser(User.Identity.Name). Since it can obtain the current user from the user name, there is no longer any reason to assume that the current user ID is cached anywhere.

So it appears the ID is not loaded into memory, and the only way to obtain the ID is to load the data from the database (which means loading the entire user record when using the ASP.NET Membership API).

Jonathan Wood
  • 65,341
  • 71
  • 269
  • 466
  • A membershipuser should have a ProviderUserKey property that you can cast (Guid) assuming you are using the SQLMembershipProvider. – PilotBob Oct 21 '14 at 19:46